Hello all, I found that when I edit passwords in emacs via `password-store-edit`, emacs creates backup-files with plain-text passwords, which in my personal configuration (via no-littering.el) are stored persistently in my home directory. As I understand, the above emacs command just runs `pass edit` in a subprocess, so that the password is edited in /dev/shm as a text-file in the normal `text-mode`.
When using emacs directly to open gpg files to edit their plain-text content,
emacs does the right thing and encrypts the backups, but that's not the case
for editing plain-text-files. Also, the absence of a special emacs-mode for
editing passwords makes it a bit more tricky to disable backups for
password-files. E.g. the emacs backup documentation [1] gives the following
example for disabling backups for a specific major mode:
    (add-hook 'rmail-mode-hook
              (lambda () (setq-local make-backup-files nil)))
It would be nice to somehow also set `make-backup-files` to nil for
password-files. Ideally, that should be in the password-store package
to have security by default. The solution that I found for me was to edit
`backup-enable-predicate` (which takes a file path) to disable backups for
files in `/dev/shm`:
    (require 's)  ; s-starts-with-p comes from the s.el string library
    (defun my-backup-enable-predicate (name)
      "Like the default predicate, but never back up files under /dev/shm."
      (and (normal-backup-enable-predicate name)
           ;; the argument is NAME; the original snippet referred to an
           ;; undefined `fpath' here
           (not (s-starts-with-p "/dev/shm" name))))
    (setq backup-enable-predicate #'my-backup-enable-predicate)
This works for me but isn't an ideal solution. password-store.el might add an
advice to `backup-enable-predicate` to extend it, though modifying a
user-option doesn't seem ideal to me.
I found that the `pass` emacs-package [2], which wraps and extends
password-store.el, does open the GPG file directly with a special major-mode
when using its `pass-view` command, which prevents the issue.
But I think there should be a solution that really works with `pass edit`, even
when invoked from the CLI. Of course it will only ever work if the user also
loads password-store.el in their emacs initialization, but it's better than
nothing.
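One shape such a package-side fix could take, as an added example that is not
code from the original post or from password-store.el: instead of replacing the
user-option `backup-enable-predicate`, hook into `find-file-hook` and, for any
buffer visiting a file under the `pass edit` scratch directory, turn off every
Emacs feature that would write the plaintext somewhere persistent. The backup
file (`file~`) is the one named above, but auto-save snapshots (`#file#`) and
lock files (`.#file`) can be redirected out of /dev/shm by the same kind of
configuration (no-littering sets `auto-save-file-name-transforms`), so they are
disabled as well. The directory "/dev/shm" comes from the post; the `my-pass-`
names are hypothetical and only built-in functions are used.

```elisp
;; Added example, not part of password-store.el or the original message.
;; Assumes `pass edit' places its temporary plaintext under /dev/shm, as the
;; post describes; the `my-pass-' names below are hypothetical.
(require 'seq)

(defvar my-pass-tmp-dirs '("/dev/shm/")
  "Directories whose files hold decrypted password data while being edited.")

(defun my-pass-tmp-file-p (file)
  "Return non-nil if FILE lives under one of `my-pass-tmp-dirs'.
Both sides are resolved with `file-truename' so symlinked paths still match."
  (let ((file (file-truename file)))
    (seq-some (lambda (dir) (string-prefix-p (file-truename dir) file))
              my-pass-tmp-dirs)))

(defun my-pass-disable-persistence ()
  "Keep plaintext out of backup, auto-save and lock files for pass buffers."
  (when (and buffer-file-name (my-pass-tmp-file-p buffer-file-name))
    (setq-local make-backup-files nil) ; no `file~' copies on save
    (setq-local create-lockfiles nil)  ; no `.#file' lock entries
    (auto-save-mode -1)))              ; no `#file#' snapshots between saves

;; Runs after every visited file, including the one `pass edit' hands to emacs.
(add-hook 'find-file-hook #'my-pass-disable-persistence)
```

Because the decision is made per buffer from the file path, this does not touch
`backup-enable-predicate` at all, so it composes with whatever predicate the
user already has; a user-level `init.el` and a package-level autoload would
both just add the hook.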
Any suggestions on how this could be done within password-store.el? Or is there
just something wrong with my config? Should we maybe document this behavior
somewhere to raise awareness? Maybe that's something that should be fixed from
emacs-side, e.g. by not having backups by default for `/dev/shm`?
Cheers,
Michael Eliachevitch
[1]:
https://www.gnu.org/software/emacs/manual/html_node/elisp/Making-Backups.html
[2]: https://github.com/NicolasPetton/pass
--
Michael Eliachevitch
Public PGP Key:
https://keyoxide.org/hkp/546908c782383ad0e7d894ec1b8f95c8125dce31
