After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 331072 - Editing ftp files via vfs shouldn't be on by default.
Editing ftp files via vfs shouldn't be on by default.
Status: RESOLVED OBSOLETE
Product: gedit
Classification: Applications
Component: general
2.13.x
Other All
: High normal
: 2.14.0
Assigned To: Gedit maintainers
Gedit maintainers
Depends on:
Blocks:
 
 
Reported: 2006-02-13 23:16 UTC by Dean Sas
Modified: 2009-12-29 10:25 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Dean Sas 2006-02-13 23:16:18 UTC 
Using nautilus to browse an ftp location I can right-click and then edit the file however it always opens up as read only, even if permissions are 777.

I can then go to "save as" and overwrite the supposedly read only file

Starting gedit from a terminal, typing in some random gibberish and then overwriting an existing file works absolutely fine.

The writable vfs schemas in gconf are ssh, sftp, smb, dav and davs.

If editing ftp files isn't safe then isn't this behaviour dangerous? If it is safe, then surely the first way should work?

gedit 2.13.90
Comment 1 Paolo Borelli 2006-02-13 23:24:16 UTC 
part of the problem is that in unix if a user has permission to delete and create files in a directory, in this directory he can also delete files he doesn't have permissiono to write to: now gedit remote save works by saving a local file and then tranfering the file to the remote location and replacing the old file, so gnome-vfs doesn't complain if you replace a file you don't have permission to write, provided you have permission to write in the dir.

Our reason to avoid ftp in the enabled protocols is due to the also fact that getting permissions with the ftp method of gnome-vfs is not reliable.
Comment 2 Paolo Maggi 2006-02-14 09:46:42 UTC 
Do you mean you are able to use the ftp method for writing (using the "save as" dialog) even if "ftp" is not writable vfs schema in gconf?
Comment 3 Dean Sas 2006-02-15 18:18:58 UTC 
Yes, that's exactly what I meant. 

Sorry for not being clearer.
Comment 4 Paolo Maggi 2006-02-22 14:23:48 UTC 
We probably need to add some checks about the URI returned by the Save (As) dialog.
Comment 5 Renato 2006-04-14 06:28:40 UTC 
Another place to add checks is the dialog auto-opened when closing a modified file. Here there are no checks about writable schemas, and it indeed saves over ftp even if it is not configured as such in gconf.
Comment 6 Daniel Holbach 2006-08-02 10:04:16 UTC 
The problem is mentioned in https://launchpad.net/distros/ubuntu/+source/gedit/+bug/38066 as well.
Comment 7 Frederic Crozat 2008-02-14 12:27:41 UTC 
also reported as http://bugzilla.gnome.org/show_bug.cgi?id=331072
Comment 8 Frederic Crozat 2008-02-14 12:44:04 UTC 
oops, bad copy paste ;)

I mean http://qa.mandriva.com/show_bug.cgi?id=37759
Comment 9 Mantas Kriaučiūnas 2008-06-17 08:14:13 UTC 
If user can put file into some ftp location then he think, that this file should be editable, so, this is an usability issue. Maybe editing ftp files is safe in gvfs/gio, or still not safe?
We should either open file in read-write mode and display a warning (If you think, that editing ftp files still isn't safe) when user wanna save this file in ftp location or open file in read-only mode and display an explanation why file from ftp location is opened in read-only mode.
Btw, bluefish editor opens file in read-write mode from ftp locations.
Comment 10 Paolo Borelli 2009-12-29 10:25:06 UTC 
This was obsoleted by the switch to gio/gvfs