From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Manuel Giraud via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#62260: 30.0.50; [PATCH] Restrict auto-save file mode Date: Sun, 19 Mar 2023 12:43:02 +0100 Message-ID: <87edplm0ft.fsf@ledu-giraud.fr> References: <87v8iynl5c.fsf@ledu-giraud.fr> <83h6uiawvv.fsf@gnu.org> <87r0tlnbtz.fsf@ledu-giraud.fr> <83bkkpc2x6.fsf@gnu.org> <83a609c2q7.fsf@gnu.org> <87ilexn9tc.fsf@ledu-giraud.fr> <838rftbzj3.fsf@gnu.org> <837cvdbykw.fsf@gnu.org> Reply-To: Manuel Giraud Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="39839"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: 62260@debbugs.gnu.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sun Mar 19 12:44:25 2023 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pdrSa-000A7y-8q for geb-bug-gnu-emacs@m.gmane-mx.org; Sun, 19 Mar 2023 12:44:24 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pdrSG-0002lj-F3; Sun, 19 Mar 2023 07:44:04 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pdrSE-0002lG-OW for bug-gnu-emacs@gnu.org; Sun, 19 Mar 2023 07:44:02 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pdrSE-00030Q-7s for bug-gnu-emacs@gnu.org; Sun, 19 Mar 2023 07:44:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pdrSD-0000LG-Ua for bug-gnu-emacs@gnu.org; Sun, 19 Mar 2023 07:44:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Manuel Giraud Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sun, 19 Mar 2023 11:44:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 62260 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 62260-submit@debbugs.gnu.org id=B62260.16792261901239 (code B ref 62260); Sun, 19 Mar 2023 11:44:01 +0000 Original-Received: (at 62260) by debbugs.gnu.org; 19 Mar 2023 11:43:10 +0000 Original-Received: from localhost ([127.0.0.1]:49572 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdrRO-0000Js-5l for submit@debbugs.gnu.org; Sun, 19 Mar 2023 07:43:10 -0400 Original-Received: from ledu-giraud.fr ([51.159.28.247]:32755) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdrRL-0000Is-OQ for 62260@debbugs.gnu.org; Sun, 19 Mar 2023 07:43:08 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=simple/simple; s=ed25519; bh=QzBSNRAW msUzT7IR992vfcbswT6b3DAz3QHymqBY6PA=; h=date:references:in-reply-to: subject:cc:to:from; d=ledu-giraud.fr; b=2QQSopD/vPtJA2nt67EaGNnK+vw7VM Y23d5rtA5YTKLjj7YkeTF+kNUeeYgaoruejMHVnDJoiFFAGAOzrd8GCg== DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=rsa; bh=QzBSNRAWmsUzT7IR 992vfcbswT6b3DAz3QHymqBY6PA=; h=date:references:in-reply-to:subject: cc:to:from; d=ledu-giraud.fr; b=UBYLNV05jcSCllcS+2O9Van0FB6emY6cUzr/4D Jcwr6v9cgGpIGqnGWkeVafFBbKPmppd88Gx5jLav+ajyd+6xc+ZjSzwzYz+5yRzpeGAUlT RzIYqUrutyMhnU1FYzDP721yzY2N+fT+SPJQG4gOKLXMDuWyWSvk6Z1I8Lbqo2U0Y/x6Jf 40q2Om2wSRz8s2VdsdfVxq1VPFoLzfGdzJkWMMmrrYXPxwRAcH+u25n+Uy0gqmryCtAojt BUEqhDZEWQokThUX5DtxtkomqJ+fOA87JQaksIRCItZvL7CygsPbNIfbCHPcGA9AWoC2Mu Mrk1LbYVCEl5nU7DtHmSK1lw== Original-Received: from computer ( [10.1.1.1]) by ledu-giraud.fr (OpenSMTPD) with ESMTPSA id 2597fbb9 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Sun, 19 Mar 2023 12:43:05 +0100 (CET) In-Reply-To: <837cvdbykw.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 18 Mar 2023 22:21:03 +0200") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:258228 Archived-At: Eli Zaretskii writes: >> Cc: 62260@debbugs.gnu.org >> Date: Sat, 18 Mar 2023 22:00:32 +0200 >> From: Eli Zaretskii >> >> > With this patch, the /tmp directory now contains an auto-save file with >> > mode 0600. >> >> When a buffer visits a file, its auto-save file should have the same >> mode bits as the file itself (modulo your umask). I see no need to >> affect that part in any case. If the file itself is not private, why >> should its auto-save file be private? Also, there's >> auto-save-visited-mode. > > More generally: what problems are you trying to solve here? If this > code causes some problems, please describe them, and let's see whether > and how we should fix them. You're right. I should have start from here. So it all start with a recurring message I get from TRAMP whenever I access a root file (via sudo method) for the first time. It asks: "Autosave file on local temporary directory, do you want to continue?" I answer "yes" but it seems that it can potentially leak root data through auto-save files. Looking at the code that asks this question (tramp.el:6528), I see that I can set 'tramp-allow-unsafe-temporary-files' to t and I won't see the question again... but the leakage is still possible. So I guess what I want is an option to stop auto-save entirely in those cases. >From there, I've looked at how auto-save work and I ask myself: "maybe instead of such an option, I could limit others rights on auto-save files". And that's how I came up with this patch. -- Manuel Giraud