From: Glenn Morris
Newsgroups: gmane.emacs.bugs
Subject: bug#6953: 24.0.50; serious security bug in create backup files
Date: Thu, 09 Sep 2010 23:06:46 -0400
To: Stefan Monnier
Cc: 6953@debbugs.gnu.org, Mark Diekhans

Stefan Monnier wrote:

>> Do you mean changing Fcopy_file to optionally not copy the source file
>> permission bits to the output file?
>
> Something like that.

Just had a thought that this kind of approach is not going to work for securing ~/%backup%~ files for people who have AFS home directories. Which probably is not many in % terms, but is more than zero. In AFS, the _only_ way to make files private to the owner is to put them in a private directory.
On the other hand, simply creating a mode 700 directory does not necessarily make it private; you have to use AFS commands to set ACLs. But the approach of having backup files in a special directory would be closer to how AFS normally works.
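
Added example, not part of the original message or of Emacs: a Python audit of a backup directory that checks the Unix mode bits and, separately, the AFS directory ACL, since the message notes that mode 700 alone does not make an AFS directory private. The function names, the cell `example.org`, the user `alice` and the sample output of the OpenAFS `fs listacl` command are constructed assumptions.

```python
import os
import stat

# Constructed sample of `fs listacl` output: a directory that can be
# mode 700 and still be listable and readable by everyone through its ACL.
SAMPLE_LISTACL = """\
Access list for /afs/example.org/user/alice/.emacs-backups is
Normal rights:
  system:anyuser rl
  alice rlidwka
"""

def parse_listacl(text):
    """Parse `fs listacl` text into {'normal': {...}, 'negative': {...}}."""
    acl = {"normal": {}, "negative": {}}
    section = None
    for line in text.splitlines():
        s = line.strip()
        if s.startswith("Normal rights"):
            section = "normal"
        elif s.startswith("Negative rights"):
            section = "negative"
        elif section and s:
            principal, _, rights = s.rpartition(" ")
            acl[section][principal.strip()] = rights
    return acl

def afs_exposed(text, owner):
    """Principals other than `owner` that hold any positive right."""
    normal = parse_listacl(text)["normal"]
    return sorted(p for p, r in normal.items() if p != owner and r)

def mode_private(path):
    """True if the mode bits grant nothing to group or other."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0

def audit(path, owner, listacl_text=None):
    """Return findings; pass captured `fs listacl` output for AFS paths."""
    findings = []
    if not mode_private(path):
        findings.append("mode bits allow group/other access")
    if listacl_text is not None:
        for p in afs_exposed(listacl_text, owner):
            findings.append(f"AFS ACL grants rights to {p}")
    return findings

if __name__ == "__main__":
    print(afs_exposed(SAMPLE_LISTACL, "alice"))
```
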