CVE-2000-0269 in Emacs
Summary
by MITRE
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 04/21/2026
The vulnerability identified as CVE-2000-0269 affects GNU Emacs version 20 and represents a critical permission misconfiguration issue within the terminal multiplexer subsystem. This flaw specifically manifests when Emacs creates a new subprocess and fails to properly establish secure permissions for the associated slave pseudo-terminal device. The vulnerability stems from improper privilege management during subprocess initialization, creating a security gap that enables local attackers to gain unauthorized access to communication channels between the Emacs application and its subprocesses.
The technical implementation of this vulnerability lies in the PTY (pseudo-terminal) handling mechanism within Emacs 20's subprocess management code. When Emacs launches a subprocess, it creates a master-slave PTY pair to facilitate communication between the parent process and child process. The flaw occurs because the slave PTY device is created with insufficiently restrictive permissions, typically allowing world-readable or world-writable access. This misconfiguration enables local users to establish connections to the slave PTY and intercept or manipulate data flowing between Emacs and its subprocesses, effectively creating a man-in-the-middle attack vector.
The operational impact of this vulnerability extends beyond simple information disclosure to encompass potential data manipulation and confidentiality breaches. Local attackers can exploit this weakness to monitor sensitive communications, potentially capturing passwords, configuration data, or other confidential information exchanged between Emacs and external programs. The vulnerability particularly affects environments where Emacs is used for system administration tasks, database management, or any scenario involving sensitive data processing through subprocess execution. This represents a significant risk in multi-user systems where privilege separation is critical for maintaining system integrity.
This vulnerability maps directly to CWE-732: Incorrect Permission Assignment for Critical Resource, which specifically addresses the assignment of insufficient permissions to security-critical resources. The flaw also aligns with ATT&CK technique T1059.006 for Command and Scripting Interpreter, as attackers could leverage this vulnerability to execute unauthorized commands through manipulated subprocess communications. The security implications extend to privilege escalation scenarios where an attacker might use the intercepted communications to gain deeper system access or manipulate system configurations through the compromised subprocess channels.
Mitigation strategies for this vulnerability require immediate patching of the Emacs application to version 20.1 or later, which contains the necessary permission correction code. System administrators should also implement proper access controls and monitor for unauthorized PTY usage patterns. Additional protective measures include restricting user privileges when running Emacs in multi-user environments, implementing process monitoring for suspicious PTY activity, and ensuring that subprocess execution occurs with the minimal necessary privileges. Regular security auditing of terminal multiplexer configurations and permission settings should be conducted to prevent similar issues in other applications utilizing similar PTY mechanisms. Organizations should also consider implementing network segmentation and monitoring to detect potential exploitation attempts targeting this class of vulnerability.