[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(open-dribble-file FILENAME) should be secure by default
|
From: |
Andrew M. Scott~ |
|
Subject: |
(open-dribble-file FILENAME) should be secure by default |
|
Date: |
Thu, 16 Oct 2003 15:57:02 -0700 |
Invoking (open-dribble-file "~/dribble") in my ~/.emacs, where the "~/"
directory has chmod 755 permissions creates a file dribble with chmod
permissions 644. I expected that the created dribble file should have
chmod 600 permissions by default so others can't read it, as the
dribble file can contain user passwords (e.g. if using tramp during
the debug cycle).
As a minimum, perhaps the emacs open-dribble-file docstring and emacs
*info* entry for open-dribble-file could caution against this
insecurity.
In GNU Emacs 21.3.50.1 (i686-pc-linux-gnu, X toolkit, Xaw3d scroll bars)
of 2003-10-01 on chlx022
configured using `configure '--prefix=/stor/garray/linux'
'--with-x-toolkit=yes' '--x-includes=/usr/X11R6' '--x-libraries=/usr/X11R6/lib'
'CC=gcc''
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: nil
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: C
locale-coding-system: nil
default-enable-multibyte-characters: t
Major mode: Mail
Minor modes in effect:
tool-bar-mode: t
mouse-wheel-mode: t
menu-bar-mode: t
unify-8859-on-encoding-mode: t
line-number-mode: t
Recent input:
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo>
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo>
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo>
<help-echo> <menu-bar> <help-menu> <report-emacs-b
ug>
Recent messages:
Loading mwheel...done
(emacs -q)
Loading tool-bar...done
Loading image...done
Loading tooltip...done
Loading emacsbug...done
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- (open-dribble-file FILENAME) should be secure by default,
Andrew M. Scott~ <=