Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 Nov 2017 07:32:46 -0500
From: Michael Orlitzky <michael@...itzky.com>
To: oss-security@...ts.openwall.com
Subject: Re: Fw: Security risk of vim swap files

On 11/06/2017 02:08 AM, Christian Brabandt wrote:
> 
> On So, 05 Nov 2017, Jakub Wilk wrote:
> 
>> Couldn't vim create swapfiles with mode 0600 and be done with it?
> 
> Because then users of the group could not recover the file anymore, 
> although they are able to read the original file.
> 

It also breaks (default) ACLs, but maybe if we do that in enough
important applications, the next generation of ACLs won't try to use the
group bits as a permissions mask.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ