GNU bug report logs - #60460
30.0.50; [FR] avoid putting remote files to local trash

Previous Next

Full log

View this message in rfc822 format

From: Michael Albinus <michael.albinus <at> gmx.de>
To: Jean Louis <bugs <at> gnu.support>
Cc: ruijie <at> netyu.xyz, 60460 <at> debbugs.gnu.org
Subject: bug#60460: 30.0.50; [FR] avoid putting remote files to local trash
Date: Mon, 02 Jan 2023 19:30:52 +0100

Jean Louis <bugs <at> gnu.support> writes:

Hi Jean,

>> >> Alternatively, we could add a new user option
>> >> `remote-file-name-inhibit-delete-by-moving-to-trash' (*),
>> >
>> > That sounds good.
>> >
>> > But what is remote? Is /sudo:: also remote? User may want to have
>> > access to sudo and move those files to Trash as well.
>>
>> "/sudo::" is also remote. And yes, it shouldn't go either to the user's
>> trash directory (if configured so), it could be a security problem.
>
> Beyond this discussion, I don't see security problem. When somebody
> has sudo rights, then that person can transfer files anywhere that
> person wants.

But there are other attack vectors then. Trash files from root user,
located in the user's home directory, could have weak permissions.

> Settings in Emacs to delete by moving trash are explicit decisions of
> user. Same with `sudo'. Administrator gives privilege to `sudoer',
> and that sudoer may do what he thinks is right and good.
>
> I would personally prefer that sudo editing goes in trash.

You are free to configure respective connection-local variables.

> Anyway, when editing with sudo I see this file:
>
>   lrwxrwxrwx   1 root root       46 Jan  2 19:27 .#at.deny -> admin <at> protected.1904257840789327597
>
> which is dangling symlink, do you know about it? Is it bug?

No, it is a lock file. See (info "(elisp) File Locks")

Best regards, Michael.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.