oss-sec mailing list archives
Re: Fw: Security risk of vim swap files
From: Kurt H Maier <khm () sciops net>
Date: Tue, 31 Oct 2017 11:10:51 -0700
On Tue, Oct 31, 2017 at 10:54:08AM -0700, Tim wrote:
Sure, you can argue that maybe some systems should ignore these files, block access, etc, but it is pretty absurd to expect every other piece of software in the universe to work around very unsafe defaults of text editors.
It's also fairly absurd to insist that people can run whatever program they want, wherever they want, on a production web server, without being familiar enough with the program to understand the risks. Anyone who edits files in the deployment path with an insufficient education is going to have problems, and not having noswapfile set is the least of them. khm
Current thread:
- Re: Fw: Security risk of vim swap files, (continued)
- Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
- Re: Fw: Security risk of vim swap files Apostolis Hardalias (Oct 31)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Oct 31)
- Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
- Re: Fw: Security risk of vim swap files Adam Shannon (Oct 31)
- Re: Fw: Security risk of vim swap files Gordo Lowrey (Oct 31)
- Re: Fw: Security risk of vim swap files Solar Designer (Oct 31)
- Re: Fw: Security risk of vim swap files Jason Cooper (Oct 31)
- Re: Security risk of vim swap files Simon Waters (Surevine) (Oct 31)
- Re: Security risk of vim swap files Matthias Luft (Nov 07)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Steffen Nurpmeso (Oct 31)
- Re: Fw: Security risk of vim swap files Leonid Isaev (Nov 01)
- Re: Fw: Security risk of vim swap files Simon McVittie (Nov 01)
- Re: Fw: Security risk of vim swap files Tim (Nov 01)
- Re: Fw: Security risk of vim swap files Jeffrey Walton (Nov 01)
- Re: Fw: Security risk of vim swap files Kurt Seifried (Nov 01)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Nov 01)
- Re: Fw: Security risk of vim swap files Solar Designer (Nov 01)
- Re: Security risk of vim swap files Ian Zimmerman (Nov 06)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)