On Sun, Aug 26, 2018 at 2:57 PM Vincent Lefevre <vinc...@vinc17.net> wrote: > > On 2018-08-24 18:04:29 -0700, Chris Waters wrote: > > Ok, sorry that I can't remember *all* the ways that "su" without a > > login option is broken. Even with that, it's still plenty broken, as > > you have observed, > > No, it had worked very well for *years*, until it got broken by > dconf. That's dconf that introduced the breakage.
The fact that it had worked for years doesn't mean it was ever safe or reliable. Lots of things can work for years while having the potential for great disaster: race conditions, unsanitized input, etc. Calling su without the login option is just one more of those. > > There are simply too many things that can break when you have random > > environment variables left around pointing who-knows-where. > > In general, that's the problem of the end user. The problem here is > that environment variables are set behind his back. Programs are allowed to use the environment to communicate with each other. Programs *do*. If you assume they won't, you're likely to experience more "breakage". The problem is not with these programs; the problem is with your assumptions. > I've reported a bug against su: The behavior of su is defined by POSIX and the Single User Spec. It's not a bug. > And you're suggesting sudo while there will be the same issue. No. The sudo -e option doesn't run your editor as root; it makes a temporary copy, allows you to edit that *as yourself*, then copies the file back as root. So there's no problem. On the other hand, if you *don't* use the -e option (which I've never used), and just say "sudo emacs", then the environment is properly cleaned up, but the working directory remains. Which seems to be exactly what you were trying to achieve in the first place. But we're drifting off topic, which is emacs itself. There are, as you can see, many many ways to avoid the problem you experienced. Which was caused by your reliance on unsafe behavior. Not a bug in emacs.
