Thanks for your reply, I guess you're right. It hadn't occurred to me yet that it could have happened at the moment of opening the second time when I did have writing permission.
So this is indeed probably not a security problem. Chiel Kooijman, PS. I'm not (yet) so familiar with bug reports and all that. Should this be considered a bug in vim that needs reporting, or should it be considered a choice in the design of the program. On one hand it doesn't seem like something you'd choose for. On the other hand it seems quite unlikely that they've never encountered this before (especially since vim and its predecessors have been around for so long). 2009/7/16 Michael S. Gilbert <michael.s.gilb...@gmail.com> > On Thu, 16 Jul 2009 21:26:53 +0200, Chiel Kooijman wrote: > > Package: base > > Severity: critical > > Tags: security > > Justification: root security hole > > > > I tried to edit /etc/fstab as user (forgot to use `sudo') but, as I > > noticed later, the partition that contains the root (/) files was full. > > After that I tried to edit the file as superuser (I hadn't read the > > message when I tried to write because I assumed it was complaining about > > permission). > > But when I opened the file again it was empty (it did exist; but no text, > > as if created with touch). > > are you sure that /etc/fstab was non-empty before you tried to edit > it in the first place? it seems rather unlikely that reading a file > (that you do not have write permission for) would lead to it getting > erased in any situation (full disk or not); although its not impossible. > > it's more likely that if you didn't resolve the lack of disk > beforehand than when you sudo edited the file there was no tmp space > for vim's swap file and thus you were looking at an apparently empty > file. if you saved that, then you would thus have a permanently empty > /etc/fstab. > > my inclination is that this is not a security problem. > > >
