[SOLVED] How to stop vim from storing sensitive data in registers indefinitely?
by linuxuser371038 from LinuxQuestions.org on (#6MH0N)
This is a huge security problem.
If opening a file in vim, such as a password file, or even highlighting it either on a browser or unnamed register then vim will just keep that data indefinitely.
How can you stop vim from absorbing data you don't want it to take in and keeping it visible in the registers indefinitely?
It even saves that data between restarts.
Of course the registers are useful most of the time so I don't want them disabled completely just to not take up sensitive data when I don't want it to.
I have found a command to wipe all registers for a vim session but this has little practical benefit as if you open a new vim then the information will be visible again so it is being held somewhere else.
Not sure the best way to work it is in order to have access to the registers for everyday tasks, as I use them often, and vim is my main editor, but for sensitive data to be kept out of them.
I also use gnu pass and notice that vim does not store those ones as pass wipes its register after 45 seconds.
I don't want to use pass for everything though or at least I don't want the same store for everything but many use cases don't warrant a whole new store. Sometimes passwords are not ones I want to keep for ages so pass may not be suitable.
So is there not another way to have similar functionality, to be able to open a password file to use the password but then make sure it is wiped from any system registered when whatever opened it closes?
EDIT: Oh I see the .viminfo is where all this is stored so either deleting that or preventing it from using one at the startup of vim with -i flag should do the job. As long as I have the * and + registers, which don't seem beholden to the .viminfo, I think I can do without all the other registers.
EDIT 2: Unless there is any further comment adding Code:set viminfo="0" to Code:.vimrc seems to have done the trick.
If opening a file in vim, such as a password file, or even highlighting it either on a browser or unnamed register then vim will just keep that data indefinitely.
How can you stop vim from absorbing data you don't want it to take in and keeping it visible in the registers indefinitely?
It even saves that data between restarts.
Of course the registers are useful most of the time so I don't want them disabled completely just to not take up sensitive data when I don't want it to.
I have found a command to wipe all registers for a vim session but this has little practical benefit as if you open a new vim then the information will be visible again so it is being held somewhere else.
Not sure the best way to work it is in order to have access to the registers for everyday tasks, as I use them often, and vim is my main editor, but for sensitive data to be kept out of them.
I also use gnu pass and notice that vim does not store those ones as pass wipes its register after 45 seconds.
I don't want to use pass for everything though or at least I don't want the same store for everything but many use cases don't warrant a whole new store. Sometimes passwords are not ones I want to keep for ages so pass may not be suitable.
So is there not another way to have similar functionality, to be able to open a password file to use the password but then make sure it is wiped from any system registered when whatever opened it closes?
EDIT: Oh I see the .viminfo is where all this is stored so either deleting that or preventing it from using one at the startup of vim with -i flag should do the job. As long as I have the * and + registers, which don't seem beholden to the .viminfo, I think I can do without all the other registers.
EDIT 2: Unless there is any further comment adding Code:set viminfo="0" to Code:.vimrc seems to have done the trick.