Bug 70953

Summary:	Can we have an option to have the vim modeline on
Product:	Gentoo Linux	Reporter:	Chris Lear <chris.lear>
Component:	New packages	Assignee:	Vim Maintainers <vim>
Status:	RESOLVED WONTFIX
Severity:	minor
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Chris Lear 2004-11-12 04:53:33 UTC

Vim modelines used to be a potential security threat. See bug #14088 for info.

Vim has been fixed so that modelines are no longer vulnerable, but Gentoo still turns them off by default (set nomodeline in /etc/vim/vimrc).
Presumably this is because of this idea:
"Even when/if vim is fixed, I strongly recommend keeping this solution to 
 prevent from similar exploits in the future. Scripting sux - check windows 
 history."

But gentoo uses modelines. Look at this:
$ grep -r vim: /etc/* | wc -l
46

46 files in a Gentoo /etc/ have vim modelines in them.

Can we have modelines back on by default, or at least a modelines USE flag?

Clearly this isn't critical, because it's easy to tweak the vimrc.

Reproducible: Always
Steps to Reproduce:
1. vim /etc/init.d/checkfs

Actual Results:  
Tabs are 8 chars

Expected Results:  
Tabs should be 4 chars, as per the modeline
# vim:ts=4

This works OK.

$ diff vim.eclass vim.eclass.modeline 
68a69,73
>               ##################
>               ## MODELINE USE FLAG
>               ##################
>               IUSE="$IUSE modeline"
>               ##################
420a426,433
>               ##################
>               ## MODELINE USE FLAG
>               ##################
>               if use modeline ; then
>                       sed -i -e 's/^set nomodeline/"Commented by USE
setting\n"&/' ${FILESDIR}/vimrc
>               fi
>               ##################
>

Comment 1 Ciaran McCreesh 2004-11-12 13:31:32 UTC

You can turn them on in the user vimrc, or edit the global one as you prefer.

Comment 2 Chris Lear 2004-11-15 01:28:37 UTC

> You can turn them on in the user vimrc, or edit the global one as you prefer.

I know that. It's what I've been doing. I just thought it would be nice to have the option to install a non-crippled vim via a USE flag. Especially since modelines basically do *not* have any security issues. If (for example) vim was shipped with "set compatible" in the vimrc by default, I don't think you would just say "you can edit vimrc if you want to" when people complained.

Comment 3 Ciaran McCreesh 2004-11-15 10:58:55 UTC

A USE flag is really overkill for this -- if we were patching out modeline support then fine, but all we're doing is setting the default value to off. The compatible thing isn't a fair comparison -- just the prescence of a .vimrc is enough to turn it off, and we're patching vim to really encourage it to not go compat unless the user explicitly requests it.

Regarding security -- have you actually gone through and done a full audit of every last bit of code that sandboxed code can get at? This includes checking things like screwy regexes not being able to trick the parser into allocating the wrong amount of memory leading to an overflow.

Comment 4 Chris Lear 2004-11-16 03:37:36 UTC

> A USE flag is really overkill for this 

I agree. I just thought it might be worth coming up with it as an option.

> The compatible thing isn't a fair comparison 

You're right. I was being deliberately over-the-top.

> Regarding security -- have you actually gone through 
> and done a full audit of every last bit of code 

I certainly haven't. I just took Bram Moolenaar's word for it.

Anyway, I'm yielding, fairly contentedly. Thanks for making the effort to spell out your reasons. Apologies if I've wasted your time.

This is the first time I've used Gentoo bugzilla, and I'm very impressed by the service :)

Comment 5 Chris Lear 2004-12-16 02:45:50 UTC

See ftp://ftp.vim.org/pub/vim/patches/6.3/6.3.045.
Turns out Ciaran McCreesh is better at checking these things out than me...