From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Vandrus =?UTF-8?Q?Zolt=C3=A1n?= Newsgroups: gmane.emacs.bugs Subject: bug#45245: 28.0.50; Feature request: tramp sudo autosaves/backups shouldn't be exposed without right config Date: Mon, 14 Dec 2020 21:13:56 +0100 Message-ID: <8c7e2715-a54a-3c3c-c644-a20ee46cc39d@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2; format=flowed Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="19040"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.4.3 To: 45245@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Mon Dec 14 21:18:58 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kouJ7-0004js-4q for geb-bug-gnu-emacs@m.gmane-mx.org; Mon, 14 Dec 2020 21:18:57 +0100 Original-Received: from localhost ([::1]:46944 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kouJ6-0004v9-5f for geb-bug-gnu-emacs@m.gmane-mx.org; Mon, 14 Dec 2020 15:18:56 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:42488) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kouFK-0001oE-DI for bug-gnu-emacs@gnu.org; Mon, 14 Dec 2020 15:15:02 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:43098) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kouFK-0005RL-2D for bug-gnu-emacs@gnu.org; Mon, 14 Dec 2020 15:15:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kouFJ-0002Kb-Tz for bug-gnu-emacs@gnu.org; Mon, 14 Dec 2020 15:15:01 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Vandrus =?UTF-8?Q?Zolt=C3=A1n?= Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 14 Dec 2020 20:15:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 45245 X-GNU-PR-Package: emacs X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Original-Received: via spool by submit@debbugs.gnu.org id=B.16079768488881 (code B ref -1); Mon, 14 Dec 2020 20:15:01 +0000 Original-Received: (at submit) by debbugs.gnu.org; 14 Dec 2020 20:14:08 +0000 Original-Received: from localhost ([127.0.0.1]:54644 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kouER-0002JB-V8 for submit@debbugs.gnu.org; Mon, 14 Dec 2020 15:14:08 -0500 Original-Received: from lists.gnu.org ([209.51.188.17]:59156) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kouEP-0002J3-Ps for submit@debbugs.gnu.org; Mon, 14 Dec 2020 15:14:06 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:42320) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kouEP-0000XU-Ir for bug-gnu-emacs@gnu.org; Mon, 14 Dec 2020 15:14:05 -0500 Original-Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]:37774) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kouEN-0005MQ-Kh for bug-gnu-emacs@gnu.org; Mon, 14 Dec 2020 15:14:05 -0500 Original-Received: by mail-ed1-x52c.google.com with SMTP id cm17so18574949edb.4 for ; Mon, 14 Dec 2020 12:13:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:subject:from:message-id:date:user-agent:mime-version :content-transfer-encoding:content-language; bh=rXCB0NTJUTBuXOLvgrvRQJMLQPOINUY5xAXKgRFMs/c=; b=WiBCJm/Oa3mHB2t3/cvq3FwdQ4+lX3IkITVA0jADQ7Q9375ipJjkp5eEIdy0NM7fso H3gYoDPA5onz3RXdkkCNgVfbLDynyId/xfjQL6kDn50lwLVnweprbC9Wf3el5SBD29Zy U13CFiLGO2/LNB5Z36yghOUWI4baQTGBasVNA/W7tRJVd72FRgGiZGEBEzQ5VK95E1TG Ssuly5yYpmvIQujh4fCwrg144ySp/9TXxr7+1xOe00HQxpFU+ciO4UaibQ4E+mWq2jyr JZGQfJ0824K30Qq7NUx6GDnDSuzg+t9chFAXnzwJ55hSeF+DjgeibjwumlTNCQbn7ix6 2sFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:subject:from:message-id:date:user-agent :mime-version:content-transfer-encoding:content-language; bh=rXCB0NTJUTBuXOLvgrvRQJMLQPOINUY5xAXKgRFMs/c=; b=kRmBkHlwfmGbS0udI3i28dow/5xRh2DyukHLg8M73d305ATSJicTKRkqNf++ztfJm5 W/3OxrxeaZZLQh7wcadEt5EqiRqgWCasWWS3pyL7J3KkNBPTgsSCUwJuVTywaWuA9zPx QygKAZud1j5vsqfaZnCeXBvYMYhc01gLW1BafVdE+xKr2eDmVEqgYcWsGSkluRo3chc2 Uo3x1EVmss5mYc9ZKPSV10ouGyi2kMRrlj0OlaI3f6aCAhV2vNgjenP7M4AD2iWNinfi NZAIZMJk+zvlznslM1aA9wAZFtzD1FNQ+WVGcW13UYBjNLwZRjADTLZwC4e6D/0CkeBM Zs7w== X-Gm-Message-State: AOAM532x1E+CYh1p/DuCb041iC2XcTaSd5MrJRm+y5Sn5hCcbBjchznv b6rl5MbA8Q4fd4sI+G/rBxSfFfQq1LU= X-Google-Smtp-Source: ABdhPJx3i+M8r5vtgSjlbZ3pG/eua9/BjMn1JeL+jvXGsu4Aq3wdPX68VATCOFa8DoAT1XgkoK+Oig== X-Received: by 2002:aa7:c0d6:: with SMTP id j22mr11868395edp.31.1607976838414; Mon, 14 Dec 2020 12:13:58 -0800 (PST) Original-Received: from [192.168.1.101] (185-79-95-49.pool.digikabel.hu. [185.79.95.49]) by smtp.googlemail.com with ESMTPSA id e10sm14705222ejl.70.2020.12.14.12.13.57 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 14 Dec 2020 12:13:57 -0800 (PST) Content-Language: hu-HU Received-SPF: pass client-ip=2a00:1450:4864:20::52c; envelope-from=vandrus.zoltan@gmail.com; helo=mail-ed1-x52c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:196106 Archived-At: It's mentioned in (tramp)Auto-save and Backup that root owned file could be exposed, but it would be more newbie friendly if emacs did the right thing without configuration. The defaults for backups are fine, but for autosaves are not. In emacs -Q after: C-x C-f /sudo::/tmp/secretfile M-x do-auto-save There is a file '/tmp/#!sudo:root@hostname:!tmp!secretfile#' owned by the user. Even if the defaults are fixed, there are problems. Protecting root owned files is somewhat complicated. For example the user might not use tramp from the beginning, but littering directories with backups and autosaves files are easily seen and can be annoying enough to look for a solution. Looking on the net the suggested code is some variant of     (setq auto-save-file-name-transforms           '((".*" ,auto-save-dir t)))     (setq backup-directory-alist          '("." ,backup-dir)) And then they are fine, until they start to use tramp, because the autosaves/backups will be owned by the normal user even for sudo and su methods. For backups following the tramp manual is easy:      (customize-set-variable       'tramp-backup-directory-alist backup-directory-alist) But the user could have forgotten already about the problem and never look there. For autosaves there is not even info on how to achieve something sensible. I suggest, that tramp could refuse exposing root-owned files or there could be an easier switch to put all autosaves/backup in the same directory which also deals with tramp. There is also a comparably minor problem of exposing the file name in the autosave files. ------------- In GNU Emacs 28.0.50 (build 2, x86_64-pc-linux-gnu, GTK+ Version 3.24.24, cairo version 1.17.4) of 2020-12-14 Repository revision: b857ea24f7bc5288faa920e6c3174cf1ee958b70 Repository branch: master Windowing system distributor 'The X.Org Foundation', version 11.0.12010000 System Description: Arch Linux Configured features: XPM JPEG TIFF GIF PNG RSVG CAIRO SOUND GPM DBUS GSETTINGS GLIB NOTIFY INOTIFY ACL GNUTLS LIBXML2 FREETYPE HARFBUZZ M17N_FLT LIBOTF ZLIB TOOLKIT_SCROLL_BARS GTK3 X11 XDBE XIM MODULES THREADS LIBSYSTEMD JSON PDUMPER LCMS2 Important settings: value of $LC_TIME: C value of $LANG: hu_HU.utf8 locale-coding-system: utf-8-unix Major mode: Fundamental Minor modes in effect: shell-dirtrack-mode: t tooltip-mode: t global-eldoc-mode: t electric-indent-mode: t mouse-wheel-mode: t tool-bar-mode: t menu-bar-mode: t file-name-shadow-mode: t global-font-lock-mode: t font-lock-mode: t blink-cursor-mode: t auto-composition-mode: t auto-encryption-mode: t auto-compression-mode: t line-number-mode: t transient-mark-mode: t Load-path shadows: None found. Features: (shadow sort mail-extr emacsbug message rmc puny dired dired-loaddefs rfc822 mml mml-sec epa derived epg epg-config gnus-util rmail rmail-loaddefs text-property-search mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils warnings misearch multi-isearch tramp-cmds bug-reference noutline outline mule-util info vc-hg vc-git diff-mode easy-mmode vc-bzr tramp-cache tramp-sh tramp tramp-loaddefs trampver tramp-integration files-x tramp-compat shell pcomplete comint ansi-color ring parse-time iso8601 ls-lisp format-spec auth-source cl-seq eieio eieio-core cl-macs eieio-loaddefs password-cache json map time-date subr-x cl-extra seq byte-opt gv bytecomp byte-compile cconv cl-print thingatpt help-fns radix-tree help-mode easymenu cl-loaddefs cl-lib iso-transl tooltip eldoc electric uniquify ediff-hook vc-hooks lisp-float-type mwheel term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe tabulated-list replace newcomment text-mode elisp-mode lisp-mode prog-mode register page tab-bar menu-bar rfn-eshadow isearch timer select scroll-bar mouse jit-lock font-lock syntax facemenu font-core term/tty-colors frame minibuffer cl-generic cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek romanian slovak czech european ethiopic indian cyrillic chinese composite charscript charprop case-table epa-hook jka-cmpr-hook help simple abbrev obarray cl-preloaded nadvice button loaddefs faces cus-face macroexp files window text-properties overlay sha1 md5 base64 format env code-pages mule custom widget hashtable-print-readable backquote threads dbusbind inotify lcms2 dynamic-setting system-font-setting font-render-setting cairo move-toolbar gtk x-toolkit x multi-tty make-network-process emacs) Memory information: ((conses 16 94008 11777) (symbols 48 9769 1) (strings 32 35507 2034) (string-bytes 1 1116270) (vectors 16 16704) (vector-slots 8 222506 9788) (floats 8 52 269) (intervals 56 737 240) (buffers 984 16))