Following description lifted from bug filed at https://bugs.launchpad.net/ubuntu/+source/vim/+bug/78960
<< [EMAIL PROTECTED]:~$ rm .viminfo [EMAIL PROTECTED]:~$ ln -s /dev/null .viminfo [EMAIL PROTECTED]:~$ ls -l .viminfo lrwxrwxrwx 1 sa sa 9 2007-01-12 17:16 .viminfo -> /dev/null [EMAIL PROTECTED]:~$ umask 007 [EMAIL PROTECTED]:~$ /usr/bin/vim.basic -c 'quit' [EMAIL PROTECTED]:~$ ls -l .viminfo -rw-rw-rw- 1 sa sa 509 2007-01-12 17:16 .viminfo As you can see the .viminfo file gets deleted and re-created with permissions 666 by vim. Note that the use of -c 'quit' is just to simplify the bug for transcribing here -- I promise you the same thing happens if you use vim for editing/saving a document as well. I consider this a security bug. vim deletes a file without telling me, and not only that but when it re-creates it, it ignores my umask by making it world writable. This is not what I expected it to do. >> I was able to confirm this bug, both in Ubuntu's vim-gnome-7.0-164+1ubuntu7 package, and in the latest 7.1b sources. I also have a separate question: is this an appropriate place to post bugs? Specifically, when (a) I am interested in potential discussion related to it, and/or (b) I am interested in possibly implementing the fix for it? :he bugs suggests submitting bugs to [EMAIL PROTECTED], but from the description, it sounds like those go to a single person, and are not tracked (so, no opportunity for discussion, and it's hard to know if a bug has been reported or what it's status is). A subject change may be appropriate for answering this separate question. -- Micah J. Cowan Programmer, musician, typesetting enthusiast, gamer... http://micah.cowan.name/
signature.asc
Description: OpenPGP digital signature
