GNU bug report logs - #62991
30.0.50; normal-backup-enable-predicate does not consider /dev/shm

Previous Next

Package: emacs;

Reported by: Vasilij Schneidermann <mail <at> vasilij.de>

Date: Fri, 21 Apr 2023 10:50:02 UTC

Severity: normal

Found in version 30.0.50

To reply to this bug, email your comments to 62991 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#62991; Package emacs. (Fri, 21 Apr 2023 10:50:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Vasilij Schneidermann <mail <at> vasilij.de>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Fri, 21 Apr 2023 10:50:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Vasilij Schneidermann <mail <at> vasilij.de>
To: bug-gnu-emacs <at> gnu.org
Subject: 30.0.50; normal-backup-enable-predicate does not consider /dev/shm
Date: Fri, 21 Apr 2023 12:49:01 +0200
[Message part 1 (text/plain, inline)]
I've found that the `pass` password-store creates temporary files under
/dev/shm rather than /tmp and editing those files with emacs creates
backup files (which may leak passwords outside that directory if
`backup-directory-alist` is customized to place them elsewhere)`. This
seems to be due to `normal-backup-enable-predicate` specifically testing
for /tmp (and two other temporary directories), but not other
directories backed by a tmpfs file system (such as /dev/shm).  There
does not appear to be a customizable to extend the list of directories
it's checking for either. One more candidate for exclusion is the
/run/user/<uid> directory (it's backed by tmpfs as well, but has
different uses).


In GNU Emacs 30.0.50 (build 2, x86_64-pc-linux-gnu, GTK+ Version
 3.24.37, cairo version 1.17.8) of 2023-04-15 built on odonien
Repository revision: c60b59e04c3776a90adaa8c8fe53af3075a833b8
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12101007
System Description: Arch Linux

Configured using:
 'configure 'CFLAGS=-g -ggdb -O0''

Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
JSON LCMS2 LIBOTF LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY INOTIFY
PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS
TREE_SITTER WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB

Important settings:
  value of $LC_MESSAGES: 
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  tooltip-mode: t
  global-eldoc-mode: t
  eldoc-mode: t
  show-paren-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  line-number-mode: t
  indent-tabs-mode: t
  transient-mark-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t

Load-path shadows:
None found.

Features:
(shadow sort mail-extr emacsbug message mailcap yank-media puny dired
dired-loaddefs rfc822 mml mml-sec password-cache epa derived epg rfc6068
epg-config gnus-util text-property-search time-date subr-x mm-decode
mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader
cl-loaddefs cl-lib sendmail rfc2047 rfc2045 ietf-drums mm-util
mail-prsvr mail-utils rmc iso-transl tooltip cconv eldoc paren electric
uniquify ediff-hook vc-hooks lisp-float-type elisp-mode mwheel
term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image
regexp-opt fringe tabulated-list replace newcomment text-mode lisp-mode
prog-mode register page tab-bar menu-bar rfn-eshadow isearch easymenu
timer select scroll-bar mouse jit-lock font-lock syntax font-core
term/tty-colors frame minibuffer nadvice seq simple cl-generic
indonesian philippine cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek
romanian slovak czech european ethiopic indian cyrillic chinese
composite emoji-zwj charscript charprop case-table epa-hook
jka-cmpr-hook help abbrev obarray oclosure cl-preloaded button loaddefs
theme-loaddefs faces cus-face macroexp files window text-properties
overlay sha1 md5 base64 format env code-pages mule custom widget keymap
hashtable-print-readable backquote threads dbusbind inotify lcms2
dynamic-setting system-font-setting font-render-setting cairo
move-toolbar gtk x-toolkit xinput2 x multi-tty make-network-process
emacs)

Memory information:
((conses 16 36403 15371)
 (symbols 48 5177 0)
 (strings 32 13201 2082)
 (string-bytes 1 377158)
 (vectors 16 9346)
 (vector-slots 8 149422 15364)
 (floats 8 21 24)
 (intervals 56 212 0)
 (buffers 984 10))
[signature.asc (application/pgp-signature, inline)]

Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#62991; Package emacs. (Fri, 21 Apr 2023 11:57:02 GMT) Full text and rfc822 format available.

Message #8 received at 62991 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Vasilij Schneidermann <mail <at> vasilij.de>
Cc: 62991 <at> debbugs.gnu.org
Subject: Re: bug#62991: 30.0.50;
 normal-backup-enable-predicate does not consider /dev/shm
Date: Fri, 21 Apr 2023 14:56:18 +0300
> Date: Fri, 21 Apr 2023 12:49:01 +0200
> From: Vasilij Schneidermann <mail <at> vasilij.de>
> 
> I've found that the `pass` password-store creates temporary files under
> /dev/shm rather than /tmp and editing those files with emacs creates
> backup files (which may leak passwords outside that directory if
> `backup-directory-alist` is customized to place them elsewhere)`. This
> seems to be due to `normal-backup-enable-predicate` specifically testing
> for /tmp (and two other temporary directories), but not other
> directories backed by a tmpfs file system (such as /dev/shm).  There
> does not appear to be a customizable to extend the list of directories
> it's checking for either. One more candidate for exclusion is the
> /run/user/<uid> directory (it's backed by tmpfs as well, but has
> different uses).

We could indeed teach normal-backup-enable-predicate about /dev/shm on
systems where that is appropriate, but I'm curious why you say this is
not customizable: normal-backup-enable-predicate is called via a
variable, backup-enable-predicate, so you could customize that by
writing your own predicate function, and assigning
backup-enable-predicate to that function.  Or what am I missing?




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#62991; Package emacs. (Fri, 21 Apr 2023 12:11:02 GMT) Full text and rfc822 format available.

Message #11 received at 62991 <at> debbugs.gnu.org (full text, mbox):

From: Vasilij Schneidermann <mail <at> vasilij.de>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 62991 <at> debbugs.gnu.org
Subject: Re: bug#62991: 30.0.50; normal-backup-enable-predicate does not
 consider /dev/shm
Date: Fri, 21 Apr 2023 14:10:18 +0200
[Message part 1 (text/plain, inline)]
> We could indeed teach normal-backup-enable-predicate about /dev/shm on
> systems where that is appropriate, but I'm curious why you say this is
> not customizable: normal-backup-enable-predicate is called via a
> variable, backup-enable-predicate, so you could customize that by
> writing your own predicate function, and assigning
> backup-enable-predicate to that function.  Or what am I missing?

It's a defvar, not a defcustom. The code doesn't seem to have been
touched in a while, so I assume setting that variable is safe, but if
it's intended to be used that way, a defcustom would communicate that
option clearly.

I think a list of additional directories to search would be a better
candidate for a defcustom though.
[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 342 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.