There’s an unintended security sideeffect of these autosave features that one should be aware of:
In web environments it’s often common that files with a certain extension get executed by an interpreter (e.g. index.php), while “unknown” extensions will just get shipped to the user. There might be secrets (think wp-config.php) in those files that now become accessible for an attacker.
kate likely isn’t widely used on web servers, but a) may still be used on a desktop with later uploads and b) vim has very similar functionality. Particularly with vim this is a super-common vulnerability to have https://[host]/.wp-config.php.swp downloadable.
This is more or less what I do (though I put mine inside ~/.cache). I mostly did this because I got tired of adding the .swp things to various ignore lists for syncing / backup tools but it also means that they don’t get copied to random locations and if I rsync a directory while a file is open then vim doesn’t permanently think it’s open on the remote machine.
Not a user of either (you can pry Emacs from my cold dead RSI-afflicted fingers) but is it really true that GEdot doesn’t have an automatic save/recovery mechanism? That seems like table stakes for a serious text editor.
There’s an unintended security sideeffect of these autosave features that one should be aware of:
In web environments it’s often common that files with a certain extension get executed by an interpreter (e.g. index.php), while “unknown” extensions will just get shipped to the user. There might be secrets (think wp-config.php) in those files that now become accessible for an attacker.
kate likely isn’t widely used on web servers, but a) may still be used on a desktop with later uploads and b) vim has very similar functionality. Particularly with vim this is a super-common vulnerability to have https://[host]/.wp-config.php.swp downloadable.
True, but it’s easily fixed:
This is more or less what I do (though I put mine inside
~/.cache). I mostly did this because I got tired of adding the .swp things to various ignore lists for syncing / backup tools but it also means that they don’t get copied to random locations and if I rsync a directory while a file is open then vim doesn’t permanently think it’s open on the remote machine.Not a user of either (you can pry Emacs from my cold dead RSI-afflicted fingers) but is it really true that GEdot doesn’t have an automatic save/recovery mechanism? That seems like table stakes for a serious text editor.
continuous autosave is one of my favourite vim features too. definitely saved me a ton of lost work on more than one occasion.