[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[elpa] externals-release/org 3176ed9052: org-persist: Never write data a
From: |
ELPA Syncer |
Subject: |
[elpa] externals-release/org 3176ed9052: org-persist: Never write data associated with encrypted files |
Date: |
Wed, 7 Dec 2022 08:58:05 -0500 (EST) |
branch: externals-release/org
commit 3176ed9052a9744109b9201154401db64afa2173
Author: Ihor Radchenko <yantar92@posteo.net>
Commit: Ihor Radchenko <yantar92@posteo.net>
org-persist: Never write data associated with encrypted files
* lisp/org-persist.el (org-persist-write): Do not write data
associated with gpg-encrypted files. This will avoid data leakage.
(org-persist--storage-version): Bump storage version to invalidate
previously stored, potentially leaked, data.
Reported-by: Clément Pit-Claudel <clement.pitclaudel@live.com>
---
lisp/org-persist.el | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/lisp/org-persist.el b/lisp/org-persist.el
index 108292f1e9..1a32ed0102 100644
--- a/lisp/org-persist.el
+++ b/lisp/org-persist.el
@@ -161,7 +161,7 @@
(declare-function org-at-heading-p "org" (&optional invisible-not-ok))
-(defconst org-persist--storage-version "2.5"
+(defconst org-persist--storage-version "2.7"
"Persistent storage layout version.")
(defgroup org-persist nil
@@ -856,9 +856,16 @@ When IGNORE-RETURN is non-nil, just return t on success
without calling
(setq associated (org-persist--normalize-associated (get-file-buffer
(plist-get associated :file)))))
(let ((collection (org-persist--get-collection container associated)))
(setf collection (plist-put collection :associated associated))
- (unless (seq-find (lambda (v)
- (run-hook-with-args-until-success
'org-persist-before-write-hook v associated))
- (plist-get collection :container))
+ (unless (or
+ ;; Prevent data leakage from encrypted files.
+ ;; We do it in somewhat paranoid manner and do not
+ ;; allow anything related to encrypted files to be
+ ;; written.
+ (and (plist-get associated :file)
+ (string-match-p epa-file-name-regexp (plist-get associated
:file)))
+ (seq-find (lambda (v)
+ (run-hook-with-args-until-success
'org-persist-before-write-hook v associated))
+ (plist-get collection :container)))
(when (or (file-exists-p org-persist-directory)
(org-persist--save-index))
(let ((file (org-file-name-concat org-persist-directory (plist-get
collection :persist-file)))
(data (mapcar (lambda (c) (cons c (org-persist-write:generic c
collection)))
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [elpa] externals-release/org 3176ed9052: org-persist: Never write data associated with encrypted files,
ELPA Syncer <=