diff options
| author | Tom Ryder <tom@sanctum.geek.nz> | 2018-06-10 00:54:44 +1200 |
|---|---|---|
| committer | Tom Ryder <tom@sanctum.geek.nz> | 2018-06-10 01:01:17 +1200 |
| commit | 5a257fe0030cbee3bd50422d592025fbed8e4bde (patch) | |
| tree | 40b463639fd3b52af774ddf49714adcfc81239a9 /contrib/vim/noplaintext.vim | |
| parent | dda2ecce34de808d22b4b0f388bd1cb640158a29 (diff) | |
| download | pass-5a257fe0030cbee3bd50422d592025fbed8e4bde.tar.gz pass-5a257fe0030cbee3bd50422d592025fbed8e4bde.tar.bz2 pass-5a257fe0030cbee3bd50422d592025fbed8e4bde.zip | |
Replace noplaintext.vim as redact_pass.vim plugin
Per debugging from Enno Nagel <enno.nagel+vim@gmail.com>, it's become
apparent to me that to have any degree of confidence that none of these
options have actually got any plaintext password data in them, we need
to disable the options globally when a password file is edited.
In particular, in the case of the 'viminfo' global option, it's not
possible to disable it per path, and not terribly meaningful either;
things like the last seach pattern or the contents of registers, i.e.
global state of the editor, are recorded. There's no sensible approach I
can see except to actually switch the feature off entirely by blanking
it.
I've therefore completely rewritten this, to make as thorough a check as
possible that the Vim user is editing a pass(1) file by calling `pass
edit`, and then to disable the "leaky" options globally, with an
explicit warning so that the user can see it's been done.
This plugin is also available as Vim script #5707:
<https://www.vim.org/scripts/script.php?script_id=5707>
Its homepage is here:
<https://sanctum.geek.nz/cgit/vim-redact-pass.git/about/>
Diffstat (limited to 'contrib/vim/noplaintext.vim')
| -rw-r--r-- | contrib/vim/noplaintext.vim | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/contrib/vim/noplaintext.vim b/contrib/vim/noplaintext.vim deleted file mode 100644 index 9493194..0000000 --- a/contrib/vim/noplaintext.vim +++ /dev/null @@ -1,46 +0,0 @@ -" -" Prevent various Vim features from keeping the contents of pass(1) password -" files (or any other purely temporary files) in plaintext on the system. -" -" Either append this to the end of your .vimrc, or install it as a plugin with -" a plugin manager like Tim Pope's Pathogen. -" -" Author: Tom Ryder <tom@sanctum.geek.nz> -" - -" Don't backup files in temp directories or shm -if exists('&backupskip') - set backupskip+=/tmp/*,$TMPDIR/*,$TMP/*,$TEMP/*,*/shm/* -endif - -" Don't keep swap files in temp directories or shm -if has('autocmd') - augroup swapskip - autocmd! - silent! autocmd BufNewFile,BufReadPre - \ /tmp/*,$TMPDIR/*,$TMP/*,$TEMP/*,*/shm/* - \ setlocal noswapfile - augroup END -endif - -" Don't keep undo files in temp directories or shm -if has('persistent_undo') && has('autocmd') - augroup undoskip - autocmd! - silent! autocmd BufWritePre - \ /tmp/*,$TMPDIR/*,$TMP/*,$TEMP/*,*/shm/* - \ setlocal noundofile - augroup END -endif - -" Don't keep viminfo for files in temp directories or shm -if has('viminfo') - if has('autocmd') - augroup viminfoskip - autocmd! - silent! autocmd BufNewFile,BufReadPre - \ /tmp/*,$TMPDIR/*,$TMP/*,$TEMP/*,*/shm/* - \ setlocal viminfo= - augroup END - endif -endif |