sm2@sequent.cc.hull.ac.uk (Simon Marshall) (05/23/91)
Reminder for those who've forgotten (we get posted news a few days
later in the UK than US, so although I'm replying as soon as I see
postings, it's late to some).
The "problem" concerns Emacs' auto-save files having their
permission bits set to umask, not the permission bits of the file the
buffer is visiting if it has one. In other words:
editing READ-RESTRICTED files
still produces READABLE auto-save files
if umask==022 or something similar, and similarly for auto-save files
of buffers such as *mail* etc. which are not visiting files, but are
auto-saved.
Nightmare! Your boss can read all your mail as you write it!
On 22 May, Dan Jacobson (Dan_Jacobson@attribute.com) writes in alt.security:
(basically, in a condensed way, something like this:)
(setq mail-mode-hook (function (lambda ()
(setq buffer-auto-save-file-name ;;; Thanks to Kyle Jones
(expand-file-name (concat "~/<read-restricted-directory>/#%*mail"
(random t) "*#"))))))
this solves the problem of an auto-save *mail* file, although
auto-save files remain (and pile up) if the mail is not sent.
This does not of course solve the problem of readable auto-save
files of buffers visiting read-restricted files, but something
similar can be done with find-file-hooks in this case.
Obviously though, this should not be left to the user (who may not
even be aware of the problem) - isn't this a feature that needs to be
addressed/fixed? Do any Emacs/GNU people have any input? It has
frightened some people into making umask=077, another nightmare!
Simon.
_______________________________________________________________________________
Simon Marshall, Dept. of Computer Science, University of Hull, Hull HU6 7RX, UK
"``La la la la la la la la la'' means I love you."
EMAIL: S.Marshall@Hull.ac.uk UUCP: ..!ukc!hu-cs!sm
Telephone: +44 482 465951 (office) Fax: +44 482 466666