While going through #104 again, I noticed that webmacs' /tmp/webmacs.ipc has 755 permissions on my system. I don't know much about python's IPC server, or how it is currently used in this project, but I imagine that this could be used by other users to monitor webmacs usage. This is a little creepy, and sounds like a security issue waiting to happen (although I'm not sure anything malicious could be done through the current interface).
That said, I believe it should anyway be moved to /run/<uid> and more properly secured as part of #104.
parkouss
commented
5 years ago
While going through #104 again, I noticed that webmacs'
/tmp/webmacs.ipchas 755 permissions on my system. I don't know much about python's IPC server, or how it is currently used in this project, but I imagine that this could be used by other users to monitor webmacs usage. This is a little creepy, and sounds like a security issue waiting to happen (although I'm not sure anything malicious could be done through the current interface).That said, I believe it should anyway be moved to
/run/<uid>and more properly secured as part of #104.