From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Richard Stallman <rms@gnu.org>
Newsgroups: gmane.emacs.devel,gmane.emacs.pretest.bugs
Subject: Re: creating backups in temporary directories
Date: Sun, 09 Sep 2007 21:12:31 -0400
Message-ID: <E1IUXpH-00075m-Rr@fencepost.gnu.org>
References: <a9691ee20709070342w43d278cfmd4ca133068d35221@mail.gmail.com>
	<85sl5q5vy6.fsf@lola.goethe.zz>
	<jwvfy1q4axa.fsf-monnier+emacs@gnu.org>
	<E1IU6Hp-0002hl-De@fencepost.gnu.org>
	<jwv4pi3fwy8.fsf-monnier+emacs@gnu.org>
Reply-To: rms@gnu.org
NNTP-Posting-Host: lo.gmane.org
Content-Type: text/plain; charset=ISO-8859-15
X-Trace: sea.gmane.org 1189390260 16230 80.91.229.12 (10 Sep 2007 02:11:00 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Mon, 10 Sep 2007 02:11:00 +0000 (UTC)
Cc: christopher.ian.moore@gmail.com, emacs-pretest-bug@gnu.org
To: Stefan Monnier <monnier@iro.umontreal.ca>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 10 12:10:42 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1IUfK6-00043w-N3
	for ged-emacs-devel@m.gmane.org; Mon, 10 Sep 2007 11:12:50 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1IUXpk-0000PQ-5x
	for ged-emacs-devel@m.gmane.org; Sun, 09 Sep 2007 21:13:00 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1IUXpg-0000P9-Iv
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 21:12:56 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1IUXpf-0000Oo-1i
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 21:12:56 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1IUXpe-0000Ol-VH
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 21:12:55 -0400
Original-Received: from fencepost.gnu.org ([140.186.70.10])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <rms@gnu.org>) id 1IUXpe-0006cY-Q1
	for emacs-devel@gnu.org; Sun, 09 Sep 2007 21:12:54 -0400
Original-Received: from rms by fencepost.gnu.org with local (Exim 4.60)
	(envelope-from <rms@gnu.org>)
	id 1IUXpH-00075m-Rr; Sun, 09 Sep 2007 21:12:31 -0400
In-reply-to: <jwv4pi3fwy8.fsf-monnier+emacs@gnu.org> (message from Stefan
	Monnier on Sun, 09 Sep 2007 15:41:44 -0400)
X-Detected-Kernel: Linux 2.6, seldom 2.4 (older, 4)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:78391 gmane.emacs.pretest.bugs:19806
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/78391>

    >     Worse yet: creating backup files in /tmp would be a security hole:
    >     some other user seeing you're currently editing /tmp/foo could create
    >     a symlink /tmp/foo~ to some interesting place and then when you save your
    >     file the backup could be placed at that interesting place chosen by
    >     the attacker.

    > Is that equally true for any directory that others can write?

    Yes.

This means that the practice of not making backup files in /tmp
is not a solution for the problem.

Is there any solution?

(I think the motive for not making backup files in /tmp
was just that it seemed pointless.)