Path: utzoo!utgpu!watmath!uunet!tut.cis.ohio-state.edu!rutgers!labrea!agate!ucbvax!tully.Berkeley.EDU!mcgrath
From: mcgrath@tully.Berkeley.EDU.berkeley.edu (Roland McGrath)
Newsgroups: gnu.emacs
Subject: Re: Socket created by emacsclient server
Message-ID: <26736@ucbvax.BERKELEY.EDU>
Date: 9 Nov 88 00:29:09 GMT
References: <8811081608.AA17358@prep.ai.mit.edu>
Sender: usenet@ucbvax.BERKELEY.EDU
Reply-To: roland@wheaties.ai.mit.edu (Roland McGrath)
Distribution: gnu
Organization: Hackers Anonymous International, Ltd., Inc. (Applications welcome)
Lines: 21

Unix-domain sockets are removed by unlink, so a rm command and probably
the Emacs-Lisp delete-file function will remove them.

) With the recent virus attacks in mind, it seems that leaving this
) socket open could present a potential problem.

You are completely wrong.  You are, of course, free to run around
removing .emacsserver sockets all day if you're paranoid, but they are
harmless.

Unix-domain sockets, just like Internet sockets, need listeners in order
to be used by any client.  If there is an existing socket with protection
777 in your home directory, some server process may be able to use that
as the binding for its Unix-domain socket, but all a client using this
socket will have access to is whatever that server process gives it.
So unless you run a server that opens a shell to clients using that
socket, or root does, there is no security problem (if you happen to care
about those, which most non-paranoid people don't).
	Roland McGrath

roland@wheaties.ai.mit.edu, mit-eddie!wheaties.ai.mit.edu!roland