Public bug reported:

Binary package hint: vim

Version: 1:7.0-035+1ubuntu5

[EMAIL PROTECTED]:~$ rm .viminfo 
[EMAIL PROTECTED]:~$ ln -s /dev/null .viminfo
[EMAIL PROTECTED]:~$ ls -l .viminfo 
lrwxrwxrwx 1 sa sa 9 2007-01-12 17:16 .viminfo -> /dev/null
[EMAIL PROTECTED]:~$ umask 007
[EMAIL PROTECTED]:~$ /usr/bin/vim.basic -c 'quit'
[EMAIL PROTECTED]:~$ ls -l .viminfo 
-rw-rw-rw- 1 sa sa 509 2007-01-12 17:16 .viminfo

As you can see the .viminfo file gets deleted and re-created with
permissions 666 by vim.

Note that the use of -c 'quit' is just to simplify the bug for
transcribing here -- I promise you the same thing happens if you use vim
for editing/saving a document as well.

I consider this a security bug.  vim deletes a file without telling me,
and not only that but when it re-creates it, it ignores my umask by
making it world writable.  This is not what I expected it to do.

** Affects: vim (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

** This bug has been flagged as a security issue

-- 
.viminfo file gets deleted and re-created with 666 permissions
https://launchpad.net/bugs/78960

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
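
The behaviour reported above can be turned into a repeatable check. The script below is an added example, not part of the original report or of vim: it runs a command under a given umask and reports whether a symlinked file was replaced and whether the replacement carries permission bits the umask should have cleared. It assumes GNU `stat`; `audit_after_run`, `misbehave` and `demo` are hypothetical names, and `misbehave` is a constructed stand-in for the editor.

```shell
#!/bin/sh
# Added example (not from the report): checks whether a command replaces a
# symlinked file and whether the replacement has bits the umask should clear.
# Assumes GNU coreutils `stat -c`. `audit_after_run` is a hypothetical helper.

# audit_after_run FILE UMASK CMD [ARGS...]
# Prints one of: ok | replaced | replaced,umask-ignored | ok,umask-ignored
audit_after_run() {
    file=$1 mask=$2
    shift 2
    was_link=no
    if [ -L "$file" ]; then was_link=yes; fi

    # Run the command in a subshell so the umask change does not leak out.
    ( umask "$mask"; "$@" ) || return 2

    result=ok
    if [ "$was_link" = yes ] && [ ! -L "$file" ]; then
        result=replaced            # the symlink is gone
    fi
    if [ -f "$file" ] && [ ! -L "$file" ]; then
        mode=$(stat -c '%a' "$file") || return 2
        # Leading 0 makes the shell read both values as octal.
        if [ $(( 0$mode & 0$mask )) -ne 0 ]; then
            result="$result,umask-ignored"
        fi
    fi
    echo "$result"
}

# Constructed stand-in for the reported behaviour: delete the path, recreate
# it, and force mode 666 regardless of umask.
misbehave() {
    rm -f "$1" && : > "$1" && chmod 666 "$1"
}

demo() {
    dir=$(mktemp -d) || return 2
    ln -s /dev/null "$dir/.viminfo"
    audit_after_run "$dir/.viminfo" 007 misbehave "$dir/.viminfo"
    rm -rf "$dir"
}

demo   # prints: replaced,umask-ignored
# Against the real editor: audit_after_run "$HOME/.viminfo" 007 vim -c quit
```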
