oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fw: Security risk of vim swap files

From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 1 Nov 2017 11:31:57 -0400
On Wed, Nov 1, 2017 at 10:49 AM, Tim <tim-security () sentinelchicken org> wrote:

Also, it almost never makes sense to put things in /tmp, for several
reasons pointed out by others.  Making ~/.vim/... the default location
clearly is the best solution.


And all those reasons make no sense. /tmp has a sticky bit precisely so that
people could put stuff there, as opposed to /run.


We've been spending decades fixing filesystem races that arise from
cases where people use temporary files in world-writable directories.
You have to get a half dozen things exactly correct in order to use
/tmp.  Why take the risk?  Doesn't every normal (human) user account
have a home directory that is already protected?


Some installs don't allow users to write to /tmp. For example, some
machines on GCC's compile farm do not allow it. I seem to recall the
error was a RO mount. Also see https://gcc.gnu.org/wiki/CompileFarm.

Code and scripts certainly need to check TMPDIR and then have a
fallback strategy if it is missing.

Jeff
Previous By Date Next
Previous By Thread Next

Current thread: