[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vile] Oddity with "check-access=none" and insecure permissions

From: Thomas Dickey
Subject: Re: [vile] Oddity with "check-access=none" and insecure permissions
Date: Sat, 31 Oct 2015 14:46:30 -0400
User-agent: Mutt/1.5.21 (2010-09-15)

On Fri, Oct 30, 2015 at 02:41:44PM -0500, Steven Lembark wrote:
> Double checking at <>:
> check-access
>     Check file permissions before source'ing it in a script. This tells vile 
> to ensure that it uses only files that you own (or root owns), which are not 
> writable by other users. Values include:
>     none
>         disables the check
>     current
>         checks files in the current directory.
>     home
>         check files in the home directory in addition those checked for 
> "current".
>     startup
>         check files in the startup path, as well as those checked for "home".
>     always
>         like "startup", but also check permissions for datafiles such as 
> tags, menus and help-file.
>     The default value is "current". (U)
> Given ~/.vilerc begins with:
>     set check-access=none
>     source ~/.vile/filters/filters.rc
>     source palettes.rc
> Q: Why am I getting:
>     [Skipping '/opt/bin/vile' (insecure permissions)]
>     [Skipping '/usr/bin/vile' (insecure permissions)]
>     [Skipping '/opt/bin/vile' (insecure permissions)]
>     [Reading /home/lembark/.vilerc]
>     [Read 70 lines from "./.vilerc"]
>     [Reading /home/lembark/.vile/filters/filters.rc]
>     [Reading /opt/vile/9.8o/share/vile/modes.rc]
>     [Reading /opt/vile/9.8o/share/vile/palettes.rc]
> For every attempt to edit a file?
> I thought that setting "check-access=none" was supposed to turn
> all of this off.

Revisiting check_access() function in bind.c:

The "check-access" mode applies to scripts, and is implemented in this

The same function is used to check permissions for programs which are run.

At startup, vile attempts to find where _it_ is running from.  If the program
vile or the directory in which it lives aren't "secure", it will complain about

Thomas E. Dickey <address@hidden>

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]