From: Eli Zaretskii <eliz@gnu.org>
To: Paul Eggert <eggert@cs.ucla.edu>, John Wiegley <johnw@gnu.org>,
Stefan Monnier <monnier@iro.umontreal.ca>
Cc: p.stephani2@gmail.com, 27986@debbugs.gnu.org, rms@gnu.org
Subject: bug#27986: 26.0.50; 'rename-file' can rename files without confirmation
Date: Wed, 16 Aug 2017 20:30:44 +0300 [thread overview]
Message-ID: <83efsbfmij.fsf@gnu.org> (raw)
In-Reply-To: <c94cf6df-829c-8020-73bc-0417fc940c60@cs.ucla.edu> (message from Paul Eggert on Wed, 16 Aug 2017 10:19:35 -0700)
> Cc: p.stephani2@gmail.com, 27986@debbugs.gnu.org
> From: Paul Eggert <eggert@cs.ucla.edu>
> Date: Wed, 16 Aug 2017 10:19:35 -0700
>
> > What's more, some of the use cases will not even
> > signal an error after the change, they will instead silently do
> > something different from the previous versions, which is really bad.
>
> This should be quite rare. The only scenario I see matching your concern is if
> the source is a directory, the destination is not a directory name but is an
> empty directory and is not a symlink, and the destination is not a descendant of
> the source. Although not impossible, this will happen so rarely that it doesn't
> invalidate the proposed change.
I don't think we know how rare that is. And if it is very rare, I'm
not sure it's better, because it means such problems might go
unnoticed and/or unfixed for years.
> I've looked at this issue fairly carefully, and I'm afraid the solution I've
> proposed is the best way forward if we want to close the security hole in Emacs.
Let's hear more opinions, okay?
next prev parent reply other threads:[~2017-08-16 17:30 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-06 15:40 bug#27986: 26.0.50; `rename-file' can rename files without confirmation Philipp
2017-08-06 17:05 ` Eli Zaretskii
2017-08-14 17:09 ` Philipp Stephani
2017-08-14 17:22 ` Eli Zaretskii
2017-08-11 8:15 ` bug#27986: 26.0.50; 'rename-file' " Paul Eggert
2017-08-13 22:42 ` Paul Eggert
2017-08-14 15:40 ` Eli Zaretskii
2017-08-14 23:31 ` Paul Eggert
2017-08-15 16:04 ` Eli Zaretskii
2017-08-15 17:24 ` Paul Eggert
2017-08-15 17:42 ` Eli Zaretskii
2017-08-15 19:27 ` Paul Eggert
2017-08-16 2:36 ` Eli Zaretskii
2017-08-16 5:06 ` Paul Eggert
2017-08-16 14:21 ` Eli Zaretskii
2017-08-16 15:15 ` Paul Eggert
2017-08-16 16:06 ` Eli Zaretskii
2017-08-16 17:19 ` Paul Eggert
2017-08-16 17:30 ` Eli Zaretskii [this message]
2017-08-16 18:06 ` Glenn Morris
2017-08-16 22:31 ` Stefan Monnier
2017-08-16 23:56 ` Paul Eggert
2017-08-17 0:04 ` Stefan Monnier
2017-08-19 6:54 ` Eli Zaretskii
2017-09-10 22:49 ` Paul Eggert
2017-09-11 6:07 ` Paul Eggert
2017-09-11 14:47 ` Eli Zaretskii
2017-09-11 16:45 ` Paul Eggert
2017-09-11 17:09 ` Eli Zaretskii
2017-09-11 17:25 ` Paul Eggert
2017-09-12 9:25 ` Michael Albinus
2017-08-13 23:48 ` Paul Eggert
2017-08-14 13:44 ` Ken Brown
2017-08-14 15:21 ` Eli Zaretskii
2017-08-14 15:34 ` Eli Zaretskii
2017-08-14 16:33 ` Eli Zaretskii
2017-08-14 16:58 ` Philipp Stephani
2017-08-14 17:04 ` Eli Zaretskii
2017-08-14 16:50 ` Philipp Stephani
2017-08-14 23:03 ` Paul Eggert
2017-08-15 1:19 ` Paul Eggert
2017-08-15 2:35 ` Eli Zaretskii
2017-08-15 7:00 ` Paul Eggert
2017-08-15 16:08 ` Eli Zaretskii
2017-08-16 19:33 ` Ken Brown
2017-08-19 21:30 ` Ken Brown
2017-08-19 21:37 ` Paul Eggert
2017-08-19 22:04 ` Ken Brown
2017-08-19 22:38 ` Paul Eggert
2017-08-15 12:45 ` Andy Moreton
2017-08-15 16:18 ` Eli Zaretskii
2017-08-19 21:33 ` bug#27986: 26.0.50; 'rename-file' can rename files without Richard Stallman
2017-08-20 2:37 ` Eli Zaretskii
2017-08-25 20:33 ` John Wiegley
2017-08-26 7:30 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=83efsbfmij.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=27986@debbugs.gnu.org \
--cc=eggert@cs.ucla.edu \
--cc=johnw@gnu.org \
--cc=monnier@iro.umontreal.ca \
--cc=p.stephani2@gmail.com \
--cc=rms@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).