[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: backup method

From: Stefan Monnier
Subject: Re: backup method
Date: Sun, 30 Jan 2005 19:57:28 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/21.3.50 (gnu/linux)

>> So I suggest not making backupfiles in world-writable directories.
> This change would be a disastrous surprise.

> (My home directory used to be world-writable.  Maybe it still is, on
> fencepost--I can't check from here.)

In a world-writable directory, editing with a backup file is dangerous:

- if backup-by-copying is t, then when writing the backup file we may follow
  a symlink (planted by some other user) to some important file.

- if backup-by-copying is nil, the rename-file to create the backup is safe
  (as long as it doesn't do a copy behind the scenes, of course), but the
  main file will be written to in a way that will happily follow a symlink
  (planted by some other user) to some important file.

Here are the possible answers I can think of:

- who cares, we lived with it for so long already.
- I trust other users not to try to play such nasty games.
- don't make backups in world-writable directories (we already do that for
  the most common world-writable directory: /tmp).
- take special precautions when making a backup in
  a world-writable directory (use make-temp-file & rename, for example, or
  save to some other place).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]