bug#60460: 30.0.50; [FR] avoid putting remote files to local trash

[Jean Louis]

* Michael Albinus <michael.albinus@gmx.de> [2023-01-02 21:31]:
> But there are other attack vectors then. Trash files from root user,
> located in the user's home directory, could have weak permissions.

Those are decisions of administrator and user. Permissions they put on
files is their decision and freedom. 

Any file owned by root and moved to user's home directory somewhere in
the Trash, will have how I tested it, same permission as in root
accessible directories. Let us say /etc or /usr and so on, those files
are anyway either visible by users or some of them in /etc protected
by permissions. Those are system decisions.

Who has sudo rights is system administrator, not necessarily main, but
then those people made decisions.

And moving into trash is useful, especially in case of files in /etc 

Let administrators decide what they want. 

Emacs is high level interface, not low level. On high level there is
almost nothing to be decided what people decided on low level.

For me is not logical to try to prevent people what they want.

Give them option, but don't try preventing them on that high level to
do this or that, what they otherwise can do in their system by using
different file manager.

If I can run other file manager with sudo and move to Trash anywhere
it is specified, then let it be for Emacs users too, as by trying to
"secure" something what otherwise was decided on low level, makes no
sense.

We can't say later "Emacs is more secure as file manager because it
does not allow you to move files managed with sudo to Trash" --
because it is not "more secure" as it is high level, not low level.

> > Settings in Emacs to delete by moving trash are explicit decisions of
> > user. Same with `sudo'. Administrator gives privilege to `sudoer',
> > and that sudoer may do what he thinks is right and good.
> >
> > I would personally prefer that sudo editing goes in trash.
> 
> You are free to configure respective connection-local variables.

Right now I use my function `system-move-file-to-trash' as recommended
by function `move-file-to-trash' and that is great option, I like that
configuration, so I can decide myself what get moved to Trash and what
not, so I will expand it to recognize sudo paths.

> > Anyway, when editing with sudo I see this file:
> >
> >   lrwxrwxrwx   1 root root       46 Jan  2 19:27 .#at.deny -> 
> > admin@protected.1904257840789327597
> >
> > which is dangling symlink, do you know about it? Is it bug?
> 
> No, it is a lock file. See (info "(elisp) File Locks")

Alright.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/