[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#6953: 24.0.50; serious security bug in create backup files
From: |
markd |
Subject: |
bug#6953: 24.0.50; serious security bug in create backup files |
Date: |
Thu, 2 Sep 2010 00:05:30 -0700 |
Hi Glenn
Glenn Morris <rgm@gnu.org> writes:
> I don't think it is necessary for this to be configurable because it
> is just a fallback in case of error. Eg you can customize
> backup-directory-alist to control where backups normally go.
Not necessary, but useful if you have something like a very
small amount of space on the home file system or to put it in a
protected directory. Also, it's just emacs-like to have all of
this stuff in variable.
I am still concerned about the window you mention in this fix.
IMHO, it's much worse to reveal sensitive data that to just lose
changes to it. There should at least be an option to completely
disable the ~/%backup%~ functionality.
Oh, wait, it doesn't look like there is a problem with your patch,
only the comment ;-) backup-buffer-copy says:
;; Create temp files with strict access rights. It's easy to
;; loosen them later, whereas it's impossible to close the
;; time-window of loose permissions otherwise.
thanks
Mark
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, Eli Zaretskii, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files,
markd <=
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, Mark Diekhans, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/07
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Eli Zaretskii, 2010/09/13