From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: David Kastrup <dak@gnu.org>
Newsgroups: gmane.emacs.devel,gmane.emacs.pretest.bugs
Subject: Re: creating backups in temporary directories
Date: Sun, 09 Sep 2007 21:45:12 +0200
Message-ID: <85wsuzoc6v.fsf@lola.goethe.zz>
References: <a9691ee20709070342w43d278cfmd4ca133068d35221@mail.gmail.com>
	<85sl5q5vy6.fsf@lola.goethe.zz>
	<jwvfy1q4axa.fsf-monnier+emacs@gnu.org>
	<E1IU6Hp-0002hl-De@fencepost.gnu.org>
	<jwv4pi3fwy8.fsf-monnier+emacs@gnu.org>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1189371138 5496 80.91.229.12 (9 Sep 2007 20:52:18 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Sun, 9 Sep 2007 20:52:18 +0000 (UTC)
Cc: emacs-pretest-bug@gnu.org, christopher.ian.moore@gmail.com, rms@gnu.org
To: Stefan Monnier <monnier@iro.umontreal.ca>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 10 06:52:05 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1IUaDL-0000fL-9R
	for ged-emacs-devel@m.gmane.org; Mon, 10 Sep 2007 05:45:31 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1IUSiy-0004Ro-Gh
	for ged-emacs-devel@m.gmane.org; Sun, 09 Sep 2007 15:45:40 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1IUSim-0004O5-LD
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 15:45:28 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1IUSik-0004NC-H8
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 15:45:27 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1IUSik-0004Mz-8y
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 15:45:26 -0400
Original-Received: from fencepost.gnu.org ([140.186.70.10])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <dak@gnu.org>) id 1IUSij-0008UX-I6
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 15:45:25 -0400
Original-Received: from monty-python.gnu.org ([199.232.76.173])
	by fencepost.gnu.org with esmtp (Exim 4.60)
	(envelope-from <dak@gnu.org>) id 1IUSiN-0007Rq-CP
	for emacs-pretest-bug@gnu.org; Sun, 09 Sep 2007 15:45:03 -0400
Original-Received: from Debian-exim by monty-python.gnu.org with spam-scanned (Exim
	4.60) (envelope-from <dak@gnu.org>) id 1IUSia-0008S1-Jt
	for emacs-pretest-bug@gnu.org; Sun, 09 Sep 2007 15:45:24 -0400
Original-Received: from mail-in-03.arcor-online.net ([151.189.21.43])
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <dak@gnu.org>)
	id 1IUSia-0008RF-5J; Sun, 09 Sep 2007 15:45:16 -0400
Original-Received: from mail-in-14-z2.arcor-online.net (mail-in-14-z2.arcor-online.net
	[151.189.8.31])
	by mail-in-03.arcor-online.net (Postfix) with ESMTP id 3D0A83427C9;
	Sun,  9 Sep 2007 21:45:14 +0200 (CEST)
Original-Received: from mail-in-01.arcor-online.net (mail-in-01.arcor-online.net
	[151.189.21.41])
	by mail-in-14-z2.arcor-online.net (Postfix) with ESMTP id 143E8100B9;
	Sun,  9 Sep 2007 21:45:14 +0200 (CEST)
Original-Received: from lola.goethe.zz (dslb-084-061-049-189.pools.arcor-ip.net
	[84.61.49.189])
	by mail-in-01.arcor-online.net (Postfix) with ESMTP id CE0C319B322;
	Sun,  9 Sep 2007 21:45:13 +0200 (CEST)
Original-Received: by lola.goethe.zz (Postfix, from userid 1002)
	id AD18F1CAD717; Sun,  9 Sep 2007 21:45:12 +0200 (CEST)
In-Reply-To: <jwv4pi3fwy8.fsf-monnier+emacs@gnu.org> (Stefan Monnier's message
	of "Sun\, 09 Sep 2007 15\:41\:44 -0400")
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.1.50 (gnu/linux)
X-Virus-Scanned: ClamAV 0.91.2/4211/Sun Sep 9 20:00:22 2007 on
	mail-in-01.arcor-online.net
X-Virus-Status: Clean
X-Detected-Kernel: Linux 2.4-2.6
X-Detected-Kernel: Linux 2.6, seldom 2.4 (older, 4)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:78343 gmane.emacs.pretest.bugs:19795
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/78343>

Stefan Monnier <monnier@iro.umontreal.ca> writes:

>>     Worse yet: creating backup files in /tmp would be a security hole:
>>     some other user seeing you're currently editing /tmp/foo could create
>>     a symlink /tmp/foo~ to some interesting place and then when you save your
>>     file the backup could be placed at that interesting place chosen by
>>     the attacker.
>
>> Is that equally true for any directory that others can write?
>
> Yes.

Well, there is sort of a difference: /tmp and similar are
world-writable because of technical reasons.  Other directories might
be accessible to more than one person (usually group-accessible)
creating an explicit location for cooperation.  So malicious attacks
are not as much anticipated there, also because they are not generally
available (/tmp and /var/tmp are on pretty much every system).

-- 
David Kastrup, Kriemhildstr. 15, 44793 Bochum