GNU bug report logs - #20621
Encrypted files auto-saved in plain text during remote edit

Previous Next

Package: emacs;

Reported by: Nick Helm <nick <at> tenpoint.co.nz>

Date: Wed, 20 May 2015 23:56:02 UTC

Severity: important

Tags: security

Fixed in version 25.1

Done: Michael Albinus <michael.albinus <at> gmx.de>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 20621 in the body.
You can then email your comments to 20621 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#20621; Package emacs. (Wed, 20 May 2015 23:56:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Nick Helm <nick <at> tenpoint.co.nz>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Wed, 20 May 2015 23:56:03 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Nick Helm <nick <at> tenpoint.co.nz>
To: "bug-gnu-emacs <at> gnu.org" <bug-gnu-emacs <at> gnu.org>
Subject: Encrypted files auto-saved in plain text during remote edit
Date: Wed, 20 May 2015 23:57:35 +0000

When using Tramp and EPA to edit an encrypted file on a remote machine, Emacs
auto-saves the file in unencrypted plain text.

From Emacs -Q do:

C-x C-f 

Enter: /ssh:<user>@<host>:/path/to/encrypted/file.gpg

Enter: <user_password>

Enter: <symmetric_encryption_pass_phrase>

Edit file.gpg sufficiently to initiate auto-save

New file /path/to/encrypted/#_assh_buser <at> host_b_apath_ato_aencrypted_afile.gpg#
is saved in plain text on the remote machine (or default auto-save location).





In GNU Emacs 24.5.1 (x86_64-apple-darwin13.4.0, NS apple-appkit-1265.21)
 of 2015-04-11 on builder10-9.porkrind.org
Windowing system distributor `Apple', version 10.3.1347
Configured using:
 `configure --with-ns '--enable-locallisppath=/Library/Application
 Support/Emacs/${version}/site-lisp:/Library/Application
 Support/Emacs/site-lisp''

Important settings:
  value of $LANG: en_NZ.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  tooltip-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.

Load-path shadows:
None found.

Features:
(shadow sort gnus-util mail-extr emacsbug message format-spec rfc822 mml
easymenu mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231
mailabbrev gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums
mm-util help-fns mail-prsvr mail-utils time-date tooltip electric
uniquify ediff-hook vc-hooks lisp-float-type mwheel ns-win tool-bar dnd
fontset image regexp-opt fringe tabulated-list newcomment lisp-mode
prog-mode register page menu-bar rfn-eshadow timer select scroll-bar
mouse jit-lock font-lock syntax facemenu font-core frame cham georgian
utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean
japanese hebrew greek romanian slovak czech european ethiopic indian
cyrillic chinese case-table epa-hook jka-cmpr-hook help simple abbrev
minibuffer nadvice loaddefs button faces cus-face macroexp files
text-properties overlay sha1 md5 base64 format env code-pages mule
custom widget hashtable-print-readable backquote make-network-process
cocoa ns multi-tty emacs)

Memory information:
((conses 16 71745 9990)
 (symbols 48 17206 0)
 (miscs 40 36 119)
 (strings 32 9772 4178)
 (string-bytes 1 257096)
 (vectors 16 8944)
 (vector-slots 8 372336 19181)
 (floats 8 53 218)
 (intervals 56 172 0)
 (buffers 960 11))
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20621; Package emacs. (Tue, 26 May 2015 07:44:02 GMT) Full text and rfc822 format available.

Message #8 received at 20621 <at> debbugs.gnu.org (full text, mbox):

From: Michael Albinus <michael.albinus <at> gmx.de>
To: Nick Helm <nick <at> tenpoint.co.nz>
Cc: 20621 <at> debbugs.gnu.org
Subject: Re: bug#20621: Encrypted files auto-saved in plain text during remote
 edit
Date: Tue, 26 May 2015 09:42:47 +0200

Nick Helm <nick <at> tenpoint.co.nz> writes:

Hi Nick,

> When using Tramp and EPA to edit an encrypted file on a remote machine, Emacs
> auto-saves the file in unencrypted plain text.

Yes, indeed. Tramp sets unconditionally auto-save-mode to 1, overwriting
existing values. OTOH, epa sets this by default to nil.

This Tramp behaviour is 15 years old; I cannot see why it was
needed. Maybe in some older Emacsen, or XEmacs, only? Anyway, I have
removed it from Tramp. Let's see whether somebody will complain.

I have submitted the patch to both Emacs and Tramp repositories; could
you, please, check?

Thanks for the report, and best regards, Michael.
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20621; Package emacs. (Wed, 27 May 2015 04:06:02 GMT) Full text and rfc822 format available.

Message #11 received at 20621 <at> debbugs.gnu.org (full text, mbox):

From: Nick Helm <nick <at> tenpoint.co.nz>
To: "20621 <at> debbugs.gnu.org" <20621 <at> debbugs.gnu.org>
Cc: Michael Albinus <michael.albinus <at> gmx.de>
Subject: Re: bug#20621: Encrypted files auto-saved in plain text during
 remote edit
Date: Wed, 27 May 2015 04:06:45 +0000

> On 26/05/2015, at 7:42 pm, Michael Albinus <michael.albinus <at> gmx.de> wrote:
> 
>> When using Tramp and EPA to edit an encrypted file on a remote machine, Emacs
>> auto-saves the file in unencrypted plain text.
> 
> Yes, indeed. Tramp sets unconditionally auto-save-mode to 1, overwriting
> existing values. OTOH, epa sets this by default to nil.
> 
> This Tramp behaviour is 15 years old; I cannot see why it was
> needed. Maybe in some older Emacsen, or XEmacs, only? Anyway, I have
> removed it from Tramp. Let's see whether somebody will complain.
> 
> I have submitted the patch to both Emacs and Tramp repositories; could
> you, please, check?

Yep, that's fixed it here. I see the same auto-save behaviour as editing an epa file
in a local-buffer now. 

Thanks!
Reply sent to Michael Albinus <michael.albinus <at> gmx.de>:
You have taken responsibility. (Wed, 27 May 2015 07:25:03 GMT) Full text and rfc822 format available.
Notification sent to Nick Helm <nick <at> tenpoint.co.nz>:
bug acknowledged by developer. (Wed, 27 May 2015 07:25:03 GMT) Full text and rfc822 format available.

Message #16 received at 20621-done <at> debbugs.gnu.org (full text, mbox):

From: Michael Albinus <michael.albinus <at> gmx.de>
To: Nick Helm <nick <at> tenpoint.co.nz>
Cc: 20621-done <at> debbugs.gnu.org
Subject: Re: bug#20621: Encrypted files auto-saved in plain text during remote
 edit
Date: Wed, 27 May 2015 09:23:42 +0200

Version: 25.1

Nick Helm <nick <at> tenpoint.co.nz> writes:

Hi Nick,

>> I have submitted the patch to both Emacs and Tramp repositories; could
>> you, please, check?
>
> Yep, that's fixed it here. I see the same auto-save behaviour as
> editing an epa file
> in a local-buffer now.

Thanks for checking, I'm closing the bug.

> Thanks!

Best regards, Michael.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 24 Jun 2015 11:24:05 GMT) Full text and rfc822 format available.
This bug report was last modified 10 years and 2 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.