GNU bug report logs - #6953
24.0.50; serious security bug in create backup files
Reported by: Mark Diekhans <markd <at> soe.ucsc.edu>
Date: Tue, 31 Aug 2010 06:13:02 UTC
Severity: important
Found in version 24.0.50
Done: Chong Yidong <cyd <at> stupidchicken.com>
Bug is archived. No further changes may be made.
Just to clarify, this is the fallback backup file, ~/%backup%~,
not backup files in general.
The current approach provides a very limited and arbitrary approach to
preventing data loss:
- there is only one ~/%backup%~ so it's arbitrary from the user's perspective
which buffer actually gets a fallback backup.
- there is no control over where this is saved, it may very well be
the file system where the primary backup file could not be created
due to lack of disk space.
In my experience in over 20 years of using emacs, this has never
been of any value.
The downside of the current implementation is extremely
serious, potentially exposing private or sensitive data to all
users of the file system. In my case, exposing a mail box to
hundreds of users. I would argue that this is far more serious
a problem than the very limited data loss prevention provided
by the current implementation.
thanks much for how seriously this is being taken,
mark
Richard Stallman <rms <at> gnu.org> writes:
> > Do you mean, make no backup file at all.
>
> Yeah.
>
> To make no backup file seems like a gross insecurity to me.
This bug report was last modified 14 years and 204 days ago.