From: Stefan Monnier <monnier@iro.umontreal.ca>
To: Glenn Morris <rgm@gnu.org>
Cc: 6953@debbugs.gnu.org, Mark Diekhans <markd@soe.ucsc.edu>
Subject: bug#6953: 24.0.50; serious security bug in create backup files
Date: Thu, 09 Sep 2010 19:09:47 +0200 [thread overview]
Message-ID: <jwvpqwm6e7l.fsf-monnier+emacs@gnu.org> (raw)
In-Reply-To: <ovk4mvv631.fsf@fencepost.gnu.org> (Glenn Morris's message of "Thu, 09 Sep 2010 01:28:18 -0400")
>> The time window during which the access rights are too loose.
> Do you mean changing Fcopy_file to optionally not copy the source file
> permission bits to the output file?
Something like that.
> Maybe that's better, but it would need yet another optional argument
> for copy-file, which would probably not see much use outside of
> this context.
Adding yet-another-arg doesn't sound very appealing, indeed.
Maybe a better solution is to split copy-file into 2 functions: one that
copies the file data (into a file that's only readable by the current
process, or user) and another that copies various parts of its metadata
like timestamp, uid-gid, ... (this last function might be itself split
into various parts). So copy-file can be implemented on top of those
functions and backup can use them as well.
Stefan
next prev parent reply other threads:[~2010-09-09 17:09 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-31 6:13 bug#6953: 24.0.50; serious security bug in create backup files Mark Diekhans
2010-09-02 5:38 ` Glenn Morris
2010-09-02 6:54 ` Eli Zaretskii
2010-09-02 7:05 ` markd
2010-09-02 7:58 ` Glenn Morris
2010-09-02 16:33 ` Mark Diekhans
2010-09-08 0:03 ` Glenn Morris
2010-09-08 8:52 ` Stefan Monnier
2010-09-08 15:48 ` Glenn Morris
2010-09-08 22:48 ` Stefan Monnier
2010-09-09 5:28 ` Glenn Morris
2010-09-09 17:09 ` Stefan Monnier [this message]
2010-09-10 3:06 ` Glenn Morris
2010-09-13 11:44 ` Eli Zaretskii
2010-09-13 15:32 ` Lennart Borgman
2010-09-22 1:34 ` Glenn Morris
2010-09-25 20:21 ` Chong Yidong
2010-09-26 10:37 ` Richard Stallman
2010-09-28 17:26 ` Chong Yidong
2010-09-29 13:36 ` Richard Stallman
2010-09-29 13:43 ` Eli Zaretskii
2010-09-29 14:25 ` markd
2011-01-12 4:38 ` Glenn Morris
2011-01-12 15:25 ` Stefan Monnier
2011-01-12 17:56 ` Mark Diekhans
2011-01-12 19:29 ` Glenn Morris
2011-01-12 21:56 ` Mark Diekhans
2011-01-15 2:33 ` Chong Yidong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=jwvpqwm6e7l.fsf-monnier+emacs@gnu.org \
--to=monnier@iro.umontreal.ca \
--cc=6953@debbugs.gnu.org \
--cc=markd@soe.ucsc.edu \
--cc=rgm@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.