On Fr, 25 Okt 2019, Sihera Andre wrote:
> HI Christian,
>
>
> On 25/10/2019 18:24, Christian Brabandt wrote:
> > On Fr, 25 Okt 2019, Sihera Andre wrote:
> >
> >> Except that .viminfo, which I would like to relocate to my encrypted
> >> partitions, cannot be stored there because it can't be symbolic linked.
> >>
> >> This, for me, is the security hole. This file is permanently out in the
> >> open
> >> and it contains all manner of information about my editing history. And
> >> that information is increasing with each new major version of ViM. Plus the
> >> fact that I don't like being told how to manage my security. Software
> >> should
> >> be providing all features and setting reasonable defaults; not patronising
> >> professionals by trying to "save them from themselves".
> >>
> >>
> >> I think there should be another debate enabling .viminfo to be a symlink
> >> and giving computer professionals the ability to manage their own security.
> > Have you tried the 'viminfofile' option setting?
> >
> > Best,
> > Christian
>
> I didn't previously know about this option, but I have just tried it.
>
> It works for the "-i" command line invocation but a single line
>
> set viminfofile="...."
>
> in .vimrc does not seem to have any effect. ViM ignores the setting
> in .vimrc and only seems to be looking at the command line "-i" option.
You might also try the 'n flag for the viminfo option. IIRC, it worked
correctly using full path years ago, while the viminfofile option is a
relative recent addition. Might be indeed a bug.
Note, in the linked thread, I did mention a patch. I just updated it, so
try the following:
diff --git a/runtime/doc/starting.txt b/runtime/doc/starting.txt
index 1626bf19b..ae26ae882 100644
--- a/runtime/doc/starting.txt
+++ b/runtime/doc/starting.txt
@@ -1528,8 +1528,6 @@ Notes for Unix:
"real" user. This helps for when you did "su" to become root, but your
$HOME is still set to a normal user's home directory. Otherwise Vim would
create a viminfo file owned by root that nobody else can read.
-- The viminfo file cannot be a symbolic link. This is to avoid security
- issues.
Marks are stored for each file separately. When a file is read and 'viminfo'
is non-empty, the marks for that file are read from the viminfo file. NOTE:
diff --git a/src/viminfo.c b/src/viminfo.c
index b16282856..399b4eb5d 100644
--- a/src/viminfo.c
+++ b/src/viminfo.c
@@ -3018,6 +3018,16 @@ write_viminfo(char_u *file, int forceit)
fname = viminfo_filename(file); // may set to default if NULL
if (fname == NULL)
return;
+#ifdef HAVE_READLINK
+ {
+ char_u buf[MAXPATHL];
+ if (resolve_symlink(fname, buf) == OK)
+ {
+ vim_free(fname);
+ fname = vim_strsave(buf);
+ }
+ }
+#endif
fp_in = mch_fopen((char *)fname, READBIN);
if (fp_in == NULL)
Best,
Christian
--
Einigkeit macht stark, aber meistens auch blind.
-- Sigmund Graff
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/20191026075235.GC24930%40256bit.org.
