Simon Ruderich wrote: > If the initial tempfile creation fails, possibly during a race condition > with two parallel vims writing the tempfile, then a fallback code is > used. However while the normal code uses a restrictive umask (or the > mode of the existing viminfo), the fallback code uses the default umask > of the user. This can result in a viminfo which is readable by all > users possibly leaking sensitive information. > --- > src/ex_cmds.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > Hello, > > We noticed this issue on a multi-user system where viminfos > became readable by other users from time to time. We think this > issue is caused by the fallback code in write_viminfo() which > doesn't enforce a strict umask. This patch should fix this issue.
Thanks. The temp file is safe, since only the user can read the temp directory, but since it's move to the right place with a rename. Can you write a test for this? > However this patch won't help users which were already affected > by this race condition as write_viminfo() retains the permissions > of an existing viminfo. As the use-case for a viminfo readable by > others doesn't seem very relevant to me, I recommend changing the > viminfo code to always enforce 0600 permissions to prevent this > kind of information leak (for affected users and in general). I wonder if this would ever cause problems. I can't think of something. -- Mushrooms always grow in damp places and so they look like umbrellas. /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org /// -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
