diff options
| author | Glenn Morris | 2007-08-22 03:49:45 +0000 |
|---|---|---|
| committer | Glenn Morris | 2007-08-22 03:49:45 +0000 |
| commit | 90b64c0920b0c798feb624b2d963140ab35584e1 (patch) | |
| tree | 24d6d65b6b7077512f6edcf1e1d0c1c083949013 | |
| parent | 11bdb42c267a5eba63edabba9f82fa2a76481002 (diff) | |
| download | emacs-90b64c0920b0c798feb624b2d963140ab35584e1.tar.gz emacs-90b64c0920b0c798feb624b2d963140ab35584e1.zip | |
(backup-buffer-copy): Check backup directory is writable, to avoid
infloop deleting old backup.
| -rw-r--r-- | lisp/ChangeLog | 3 | ||||
| -rw-r--r-- | lisp/files.el | 14 |
2 files changed, 17 insertions, 0 deletions
diff --git a/lisp/ChangeLog b/lisp/ChangeLog index d338b717bb9..2e9bc28b7a7 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog | |||
| @@ -1,5 +1,8 @@ | |||
| 1 | 2007-08-22 Glenn Morris <rgm@gnu.org> | 1 | 2007-08-22 Glenn Morris <rgm@gnu.org> |
| 2 | 2 | ||
| 3 | * files.el (backup-buffer-copy): Check backup directory is | ||
| 4 | writable, to avoid infloop deleting old backup. | ||
| 5 | |||
| 3 | * mail/rmail.el (rmail-movemail-variant-p): Call on load to set | 6 | * mail/rmail.el (rmail-movemail-variant-p): Call on load to set |
| 4 | movemail related variables. | 7 | movemail related variables. |
| 5 | (rmail-insert-inbox-text): Use only rmail-movemail-program, which | 8 | (rmail-insert-inbox-text): Use only rmail-movemail-program, which |
diff --git a/lisp/files.el b/lisp/files.el index 94a8c383c5a..dfe976c6749 100644 --- a/lisp/files.el +++ b/lisp/files.el | |||
| @@ -3173,6 +3173,11 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3173 | 3173 | ||
| 3174 | (defun backup-buffer-copy (from-name to-name modes) | 3174 | (defun backup-buffer-copy (from-name to-name modes) |
| 3175 | (let ((umask (default-file-modes))) | 3175 | (let ((umask (default-file-modes))) |
| 3176 | (dir (or (file-name-directory to-name) | ||
| 3177 | default-directory))) | ||
| 3178 | ;; Can't delete or create files in a read-only directory. | ||
| 3179 | (unless (file-writable-p dir) | ||
| 3180 | (signal 'file-error (list "Directory is not writable" dir))) | ||
| 3176 | (unwind-protect | 3181 | (unwind-protect |
| 3177 | (progn | 3182 | (progn |
| 3178 | ;; Create temp files with strict access rights. It's easy to | 3183 | ;; Create temp files with strict access rights. It's easy to |
| @@ -3181,6 +3186,11 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3181 | (set-default-file-modes ?\700) | 3186 | (set-default-file-modes ?\700) |
| 3182 | (while (condition-case () | 3187 | (while (condition-case () |
| 3183 | (progn | 3188 | (progn |
| 3189 | ;; If we allow for the possibility of something | ||
| 3190 | ;; creating the file between delete and copy | ||
| 3191 | ;; (below), we must also allow for the | ||
| 3192 | ;; possibility of something deleting it between | ||
| 3193 | ;; a file-exists-p check and a delete. | ||
| 3184 | (condition-case nil | 3194 | (condition-case nil |
| 3185 | (delete-file to-name) | 3195 | (delete-file to-name) |
| 3186 | (file-error nil)) | 3196 | (file-error nil)) |
| @@ -3189,6 +3199,10 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3189 | (file-already-exists t)) | 3199 | (file-already-exists t)) |
| 3190 | ;; The file was somehow created by someone else between | 3200 | ;; The file was somehow created by someone else between |
| 3191 | ;; `delete-file' and `copy-file', so let's try again. | 3201 | ;; `delete-file' and `copy-file', so let's try again. |
| 3202 | ;; Does that every actually happen in practice? | ||
| 3203 | ;; This is a potential infloop, which seems bad... | ||
| 3204 | ;; rms says "I think there is also a possible race | ||
| 3205 | ;; condition for making backup files" (emacs-devel 20070821). | ||
| 3192 | nil)) | 3206 | nil)) |
| 3193 | ;; Reset the umask. | 3207 | ;; Reset the umask. |
| 3194 | (set-default-file-modes umask))) | 3208 | (set-default-file-modes umask))) |