emacscollective / no-littering

Help keeping ~/.config/emacs clean
GNU General Public License v3.0

Unencrypted `password-store` entries are backed up #200

Closed josephmturner closed 1 year ago

josephmturner commented 1 year ago

As noted here, pass entries are backed up in plain text when backup-directory-alist is set to nil.

tarsius commented 1 year ago

Thanks for letting me know!

josephmturner commented 1 year ago

@tarsius Thank you for the quick response!!

tarsius commented 1 year ago

I have made a new release 1.3.0. Update to that or, if you are using Melpa, a snapshot from today. (It's around midnight, the timestamp will probably be 20230420.x, not 20230421.x.) The last affected snapshot is 20230410.852.

Also delete all files named /home/jonas/.config/emacs/var/backup/!tmp!... and /home/jonas/.config/emacs/var/backup/!dev!shm!....

no-littering no longer sets backup-directory-alist. The default value is nil, meaning that backups are created in the same directory as the file being edited.

pass uses /dev/shm or if that doesn't exist /tmp. Usually these directories use tmpfs, so any files saved there (whether backup or not), do not hit a disk. I.e., they don't survive a reboot.

The impact of this issue is that the backup files for files in those directories (and other tmpfs directories) did survive reboots, when using no-littering.
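A way to check a machine for the leftovers described in the comment above, as an added example that is not part of the original thread or of no-littering: it lists backup files whose flattened names begin with `!tmp!` or `!dev!shm!`, and reports whether a mount point is actually tmpfs. The function names and the `BACKUP_DIR` variable are assumptions of this example; the test data is constructed.

```sh
#!/bin/sh
# Added example, not project code. Function names are hypothetical.

# Print backup files under directory $1 whose names show that the original
# file lived in /tmp or /dev/shm. When backups are redirected to a single
# directory, Emacs names each one after the original's full path with "/"
# replaced by "!", e.g. "!dev!shm!pass.abc!entry.txt~".
list_leaked_backups() {
    [ -d "$1" ] || return 0
    find "$1" -type f \( -name '!tmp!*' -o -name '!dev!shm!*' \) -print | sort
}

# Print the filesystem type of mount point $1 as recorded in the mounts
# table $2 (default: /proc/mounts). The last matching line wins because a
# later mount shadows an earlier one. Returns 1 if $1 is not a mount point.
fs_type_of() {
    awk -v m="$1" '
        $2 == m { t = $3 }
        END { if (t == "") exit 1; print t }
    ' "${2:-/proc/mounts}"
}

# Report for one backup directory: which scratch directories are tmpfs,
# and which backups of files from those directories were written to disk.
audit_backups() {
    for mnt in /dev/shm /tmp; do
        if t=$(fs_type_of "$mnt" 2>/dev/null); then
            echo "$mnt: $t"
        else
            echo "$mnt: not a separate mount"
        fi
    done
    list_leaked_backups "$1"
}

# Runs only when BACKUP_DIR is set, e.g. to the var/backup directory
# under your Emacs configuration directory.
if [ -n "${BACKUP_DIR:-}" ]; then
    audit_backups "$BACKUP_DIR"
fi
```

Review the listed files before deleting them; on a disk-backed filesystem, removing a file does not erase the blocks it occupied.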

sjrmanning commented 1 year ago

I get why this is being fixed, but it also means updating this project without any config changes means I suddenly have $newfile~ files everywhere. Might be helpful to update the README with a second option (if I get some time this weekend, happy to take a stab at it).

tarsius commented 1 year ago

It was past midnight and I wanted to get a fix out. I'll add a note about customizing this variable to the documentation, but it might take a few days -- I wouldn't want to recommend something unsafe.

Customizing auto-save-file-name-transforms as suggested seems unsafe too. I will have to look into that as well.

ajgrf commented 1 year ago

It may also be worth mentioning in the readme that packages like undo-fu-session (and others that restore undo history) deserve the same treatment. I don't think you need to detail exactly how to configure every package that might store sensitive information, but maybe there should be a list of packages that require special attention, because I'm feeling paranoid now that I missed something important.

tarsius commented 1 year ago

@ajgrf I've just opened #203 for this.

tarsius commented 1 year ago

Add link to https://www.reddit.com/r/emacs/comments/12tj72z for reference.