vim: src/fileio.c comparison

comparison src/fileio.c @ 12771:8984342ab09e v8.0.1263

patch 8.0.1263: others can read the swap file if a user is careless commit https://github.com/vim/vim/commit/5a73e0ca54c77e067c3b12ea6f35e3e8681e8cf8 Author: Bram Moolenaar <Bram@vim.org> Date: Sat Nov 4 21:35:01 2017 +0100 patch 8.0.1263: others can read the swap file if a user is careless Problem: Others can read the swap file if a user is careless with his primary group. Solution: If the group permission allows for reading but the world permissions doesn't, make sure the group is right.

author	Christian Brabandt <cb@256bit.org>
date	Sat, 04 Nov 2017 21:45:04 +0100
parents	351cf7c67bbe
children	9d51b8c6b84e

comparison

equal deleted inserted replaced

-:89889fea43e0
+:8984342ab09e
 #endif
 #ifdef UNIX
 	/* Set swap file protection bits after creating it. */
 	if (swap_mode > 0 && curbuf->b_ml.ml_mfp != NULL
 			  && curbuf->b_ml.ml_mfp->mf_fname != NULL)
-	    (void)mch_setperm(curbuf->b_ml.ml_mfp->mf_fname, (long)swap_mode);
+	{
+	    char_u *swap_fname = curbuf->b_ml.ml_mfp->mf_fname;
+	    /*
+	     * If the group-read bit is set but not the world-read bit, then
+	     * the group must be equal to the group of the original file.  If
+	     * we can't make that happen then reset the group-read bit.  This
+	     * avoids making the swap file readable to more users when the
+	     * primary group of the user is too permissive.
+	     */
+	    if ((swap_mode & 044) == 040)
+	    {
+		stat_T	swap_st;
+		if (mch_stat((char *)swap_fname, &swap_st) >= 0
+			&& st.st_gid != swap_st.st_gid
+			&& fchown(curbuf->b_ml.ml_mfp->mf_fd, -1, st.st_gid)
+									 == -1)
+		    swap_mode &= 0600;
+	    }
+	    (void)mch_setperm(swap_fname, (long)swap_mode);
+	}
 #endif
 }
 #if defined(HAS_SWAP_EXISTS_ACTION)
 /* If "Quit" selected at ATTENTION dialog, don't load the file */

Mercurial > vim

comparison src/fileio.c @ 12771:8984342ab09e v8.0.1263