sm2@sequent.cc.hull.ac.uk (Simon Marshall) (05/23/91)
Reminder for those who've forgotten (we get posted news a few days later in the UK than US, so although I'm replying as soon as I see postings, it's late to some). The "problem" concerns Emacs' auto-save files having their permission bits set to umask, not the permission bits of the file the buffer is visiting if it has one. In other words: editing READ-RESTRICTED files still produces READABLE auto-save files if umask==022 or something similar, and similarly for auto-save files of buffers such as *mail* etc. which are not visiting files, but are auto-saved. Nightmare! Your boss can read all your mail as you write it! On 22 May, Dan Jacobson (Dan_Jacobson@attribute.com) writes in alt.security: (basically, in a condensed way, something like this:) (setq mail-mode-hook (function (lambda () (setq buffer-auto-save-file-name ;;; Thanks to Kyle Jones (expand-file-name (concat "~/<read-restricted-directory>/#%*mail" (random t) "*#")))))) this solves the problem of an auto-save *mail* file, although auto-save files remain (and pile up) if the mail is not sent. This does not of course solve the problem of readable auto-save files of buffers visiting read-restricted files, but something similar can be done with find-file-hooks in this case. Obviously though, this should not be left to the user (who may not even be aware of the problem) - isn't this a feature that needs to be addressed/fixed? Do any Emacs/GNU people have any input? It has frightened some people into making umask=077, another nightmare! Simon. _______________________________________________________________________________ Simon Marshall, Dept. of Computer Science, University of Hull, Hull HU6 7RX, UK "``La la la la la la la la la'' means I love you." EMAIL: S.Marshall@Hull.ac.uk UUCP: ..!ukc!hu-cs!sm Telephone: +44 482 465951 (office) Fax: +44 482 466666