From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Marcin Borkowski Newsgroups: gmane.emacs.help Subject: Re: Emacs in a Corporate Environment Date: Sat, 15 Apr 2023 08:10:46 +0200 Message-ID: <87jzyd65g9.fsf@mbork.pl> References: <87pm876e9j.fsf@mbork.pl> <873552sf7u.fsf@gmx.de> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="36595"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: mu4e 1.1.0; emacs 30.0.50 Cc: Corwin Brust , Yuan Cao , help-gnu-emacs@gnu.org, John Yates To: Michael Albinus Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Sat Apr 15 08:12:09 2023 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pnZ8r-0009Kw-7r for geh-help-gnu-emacs@m.gmane-mx.org; Sat, 15 Apr 2023 08:12:09 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pnZ8E-0002fJ-AX; Sat, 15 Apr 2023 02:11:30 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pnZ81-0002eg-C8 for help-gnu-emacs@gnu.org; Sat, 15 Apr 2023 02:11:17 -0400 Original-Received: from mail.mojserwer.eu ([195.110.48.8]) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pnZ7l-0002Sd-Bh for help-gnu-emacs@gnu.org; Sat, 15 Apr 2023 02:11:17 -0400 Original-Received: from localhost (localhost [127.0.0.1]) by mail.mojserwer.eu (Postfix) with ESMTP id CEAC916788FA; Sat, 15 Apr 2023 08:10:56 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mail.mojserwer.eu Original-Received: from mail.mojserwer.eu ([127.0.0.1]) by localhost (mail.mojserwer.eu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KYyHXSnnuFnN; Sat, 15 Apr 2023 08:10:52 +0200 (CEST) Original-Received: from localhost (178235147037.dynamic-3-poz-k-0-1-0.vectranet.pl [178.235.147.37]) by mail.mojserwer.eu (Postfix) with ESMTPSA id 4CE571A008BD; Sat, 15 Apr 2023 08:10:51 +0200 (CEST) In-reply-to: <873552sf7u.fsf@gmx.de> Received-SPF: pass client-ip=195.110.48.8; envelope-from=mbork@mbork.pl; helo=mail.mojserwer.eu X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.help:143268 Archived-At: On 2023-04-14, at 16:36, Michael Albinus wrote: > Marcin Borkowski writes: > > Hi Marcin, > >>> Hopefully, others will answer and/or help corroborate (or refine) my >>> answers. Don't be embarrassed. It's embarrassing that >> >> I guess some internet beast swallowed the rest of your letter, but >> I second the message that OP should /not/ be embarrassed. Silly jokes >> aside, the question is a valid one. In fact, there is one area I am >> a bit afraid of wrt Emacs & security, and if I may hijack the thread (a >> bit), let me ask this: if I edit remote files via TRAMP, can I be sure >> not even partial copy of data from the server ends up on my local drive, >> e.g. in /tmp? > > You can be sure that a copy of your remote data end up in your local > drive in /tmp. Tramp is busy to clenaup after the operations, but there > is no guarantee that it will cover everything. And if somebody calls > `file-local-copy' of a remote file, this ends up in your /tmp by > intention of the caller. Thanks for the info. This doesn't look very bad to me, as my `/tmp` resides in RAM, but still -- good to know. I might want to add cleaning up `/tmp` to things I do when I leave work. >> Also, one area one should be probably /very/ careful are packages which >> save "Emacs session" to disk. If the "session" includes the kill ring, >> it may happen (/especially/ if one uses TRAMP to edit remote .env files >> and similar stuff) that some password ends up there, which could be >> a /very/ serious leakage. > > I cannot speak about environment files, but Tramp is very careful about > passwords. It has delegated password handling completely to > auth-source.el, which manages all kind of passwords, locally or > remote. So passwords is not an exclusive Tramp problem. Sounds good -- but again, I'm talking about e.g. killing and yanking passwords. I imagine this is less of a problem in "traditional" editors using the concept of "clipboard" which can hold one item -- but Emacs has the kill ring which has a long memory... I sometimes use `browse-kill-ring` to clear it, and I don't use any "session saving", but this is something that I think needs to be taken into account. Best, -- Marcin Borkowski http://mbork.pl