oss-sec mailing list archives

Re: Fw: Security risk of vim swap files

From: Jakub Wilk <jwilk () jwilk net>
Date: Tue, 31 Oct 2017 14:35:59 +0100

There's another problem with vim swapfiles.

If you edit a file directly in /tmp, vim will happily read a swapfilethat were planted there by somebody else. Local users could exploit thisfor denial of service (or maybe worse if there are any swapfile parsingbugs...).

Is that a bug in vim? Or is it a user error to edit file directly in/tmp?

In the latter case, we should fix at least vipe(1) and vidir(1) frommoreutils; and run-mailcap(1).


--
Jakub Wilk

Current thread:

Fw: Security risk of vim swap files Hanno Böck (Oct 31)
- Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
  - Re: Fw: Security risk of vim swap files Stefan Bühler (Oct 31)
    - Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
- Re: Fw: Security risk of vim swap files Apostolis Hardalias (Oct 31)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Oct 31)
  - Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
    - Re: Fw: Security risk of vim swap files Adam Shannon (Oct 31)
    - Re: Fw: Security risk of vim swap files Gordo Lowrey (Oct 31)
- Re: Fw: Security risk of vim swap files Jason Cooper (Oct 31)
- Re: Security risk of vim swap files Simon Waters (Surevine) (Oct 31)
  - Re: Security risk of vim swap files Matthias Luft (Nov 07)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
  - Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
    - Re: Fw: Security risk of vim swap files Tim (Oct 31)
  - Re: Fw: Security risk of vim swap files Steffen Nurpmeso (Oct 31)

(Thread continues...)