From: Michael Albinus <michael.albinus@gmx.de>
To: "Vandrus Zoltán" <vandrus.zoltan@gmail.com>
Cc: 45245@debbugs.gnu.org
Subject: bug#45245: 28.0.50; Feature request: tramp sudo autosaves/backups shouldn't be exposed without right config
Date: Mon, 14 Jun 2021 11:39:42 +0200 [thread overview]
Message-ID: <877diwlr8h.fsf@gmx.de> (raw)
In-Reply-To: <8c7e2715-a54a-3c3c-c644-a20ee46cc39d@gmail.com> ("Vandrus Zoltán"'s message of "Mon, 14 Dec 2020 21:13:56 +0100")
Vandrus Zoltán <vandrus.zoltan@gmail.com> writes:
Hi Zoltán,
> It's mentioned in (tramp)Auto-save and Backup that root owned file
> could be exposed, but it would be more newbie friendly if emacs did
> the right thing without configuration. The defaults for backups are
> fine, but for autosaves are not. In emacs -Q after:
>
> C-x C-f /sudo::/tmp/secretfile
> M-x do-auto-save
>
> There is a file '/tmp/#!sudo:root@hostname:!tmp!secretfile#' owned by
> the user.
>
> Even if the defaults are fixed, there are problems. Protecting root
> owned files is somewhat complicated. For example the user might not
> use tramp from the beginning, but littering directories with backups
> and autosaves files are easily seen and can be annoying enough to look
> for a solution. Looking on the net the suggested code is some variant
> of
>
> (setq auto-save-file-name-transforms
> '((".*" ,auto-save-dir t)))
>
> (setq backup-directory-alist
> '("." ,backup-dir))
>
> And then they are fine, until they start to use tramp, because the
> autosaves/backups will be owned by the normal user even for sudo and
> su methods.
> For backups following the tramp manual is easy:
>
> (customize-set-variable
> 'tramp-backup-directory-alist backup-directory-alist)
>
> But the user could have forgotten already about the problem and never
> look there. For autosaves there is not even info on how to achieve
> something sensible.
>
> I suggest, that tramp could refuse exposing root-owned files or there
> could be an easier switch to put all autosaves/backup in the same
> directory which also deals with tramp.
>
> There is also a comparably minor problem of exposing the file name in
> the autosave files.
Finally, I've found the time to work on the problem. I've pushed a patch
to master, that Tramp asks for confirmation for the first time a
root-owned auto-save or backup file name is to be written to the local
temporary directory. This is the most common case to handle.
See also the Tramp manual patch about.
Best regards, Michael.
next prev parent reply other threads:[~2021-06-14 9:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-14 20:13 bug#45245: 28.0.50; Feature request: tramp sudo autosaves/backups shouldn't be exposed without right config Vandrus Zoltán
2021-06-14 9:39 ` Michael Albinus [this message]
2021-06-25 12:29 ` Michael Albinus
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877diwlr8h.fsf@gmx.de \
--to=michael.albinus@gmx.de \
--cc=45245@debbugs.gnu.org \
--cc=vandrus.zoltan@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).