bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#60460: 30.0.50; [FR] avoid putting remote files to local trash

From: Michael Albinus
Subject: bug#60460: 30.0.50; [FR] avoid putting remote files to local trash
Date: Mon, 02 Jan 2023 19:30:52 +0100
User-agent: Gnus/5.13 (Gnus v5.13) 
Jean Louis <bugs@gnu.support> writes:

Hi Jean,

>> >> Alternatively, we could add a new user option
>> >> `remote-file-name-inhibit-delete-by-moving-to-trash' (*),
>> >
>> > That sounds good.
>> >
>> > But what is remote? Is /sudo:: also remote? User may want to have
>> > access to sudo and move those files to Trash as well.
>>
>> "/sudo::" is also remote. And yes, it shouldn't go either to the user's
>> trash directory (if configured so), it could be a security problem.
>
> Beyond this discussion, I don't see security problem. When somebody
> has sudo rights, then that person can transfer files anywhere that
> person wants.

But there are other attack vectors then. Trash files from root user,
located in the user's home directory, could have weak permissions.

> Settings in Emacs to delete by moving trash are explicit decisions of
> user. Same with `sudo'. Administrator gives privilege to `sudoer',
> and that sudoer may do what he thinks is right and good.
>
> I would personally prefer that sudo editing goes in trash.

You are free to configure respective connection-local variables.

> Anyway, when editing with sudo I see this file:
>
>   lrwxrwxrwx   1 root root       46 Jan  2 19:27 .#at.deny -> 
> admin@protected.1904257840789327597
>
> which is dangling symlink, do you know about it? Is it bug?

No, it is a lock file. See (info "(elisp) File Locks")

Best regards, Michael.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]