Re: creating backups in temporary directories

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating backups in temporary directories

From:	Stefan Monnier
Subject:	Re: creating backups in temporary directories
Date:	Sun, 09 Sep 2007 22:59:10 -0400
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux)

>     But in a directory with mode 1777 when you open a file that *you* own,
>     nobody else can remove it or rename it, so normally nobody can replace it
>     with a symlink.  Emacs creates the problem when it moves /tmp/foo to
>     /tmp/foo~ at which point /tmp/foo is free for an attacker to take.

> This suggests that Emacs should always do backup by copying
> in such directories.  Would that solve the problem?

It replaces one problem by another.  More specifically, it's safe to do
a backup using copying on one condition: that there was already a backup
(owned by you).  Otherwise, we bump into the problem I mentioned originally:
some other user could see you're editing /tmp/foo and create a /tmp/foo~
symlink before you create it.


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: creating backups in temporary directories, (continued)

Prev by Date: Re: 23.0.50; interactive-form on advised commands returns compiled advice
Next by Date: RE: 23.0.50; savehist save invalid syntax
Previous by thread: Re: creating backups in temporary directories
Next by thread: Re: creating backups in temporary directories
Index(es):
- Date
- Thread