Hi there,
I have my home directory mounted via a kerberos - secured NFS4. All the user
and groups of the files are mapped to nobody/nobody, so when trying to write
to .viminfo, vim fails with the error:
E137: Viminfo file is not writable
The problem is resides in ex_cmds.c:
if (mch_stat((char *)fname, &st_old) == 0 && getuid()
&& !(st_old.st_uid == getuid()
? (st_old.st_mode & 0200)
: (st_old.st_gid == getgid()
? (st_old.st_mode & 0020)
: (st_old.st_mode & 0002))))
{
which only checks for the main unix permissions and ignores any ACLs set or
security means like kerberized NFS.
Workaround: Ignore the error
Solution:
1) Instead of the check above, use access((char *)fname, W_OK) to determine
whether the file is writable. However, this has some security implications as
shown by the access(2) manpage of FreeBSD:
SECURITY CONSIDERATIONS
The access() system call is a potential security hole due to race condi-
tions and should never be used. Set-user-ID and set-group-ID applica-
tions should restore the effective user or group ID, and perform actions
directly rather than use access() to simulate access checks for the real
user or group ID. The eaccess() system call likewise may be subject to
races if used inappropriately.
This section cannot be found in the the access(2) manpage in linux.
2) open() the file and see if it works ...
Victor
