Hosting Provided By

Re: .exrc file security risks

From: Benjamin A. Okopnik <ben(at)callahans.org>
Date: Thu May 01 2003 - 11:58:53 EDT

On Wed, Apr 30, 2003 at 08:09:49AM -0400, Reg Quinton wrote:
> > external commands. So you have the situation where if a .exrc file is

There's a cautionary note in the Vim help files that has to do with ".exrc" files in directories other than $HOME; those get read as default behavior unless "secure" is set in EXINIT or "~/.exrc" (note that this is standard for "vim"; I _believe_ it's also standard for "vi" but have no way to test at the moment.) A user opening up an untrusted tarball is all it would take.

Ben Okopnik
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Linux: The OS people choose without $200,000,000 of persuasion.

Mike Coleman

Received on Thu May 1 17:53:13 2003

This message: [ Message body ]
Next message: Darren J Moffat: "Re: .exrc file security risks"
Previous message: Benjamin A. Okopnik: "Re: .exrc file security risks"
In reply to: Reg Quinton: "Re: .exrc file security risks"
In reply to Reg Quinton: "Re: .exrc file security risks"
Next in thread: Benjamin A. Okopnik: "Re: .exrc file security risks"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:37 EDT