How do I keep vim from writing anything to the hard drive?

2

I would like to temporarily store and manipulate sensitive data in vim. I know it keeps cut and copy registers and swap files on the hard drive, though. If you think about this for a moment, you'll see my concern. I would like to open a vim session in which none of the data I enter or manipulate gets written to the hard drive. I have heard of PGP plugins for vim, in which you can write e-mail securely, encrypt it for certain recipients, save it, then encrypt it. Such a plugin must have already solved this problem. But I don't need any of the encryption features. I just need the "secretive" mode.

What will I have to do to accomplish this?

enigmaticPhysicist

Posted 2013-05-11T19:10:12.147

Reputation: 555

Besides from the answers below: When you're working with secret data more often, you'd want an encrypted swap anyway, too. – ott-- – 2013-05-11T21:44:49.977

Answers

2

If you want to be sure, you can always run it in chroot environment on temporary tmpfs filesystem.

Michał Šrajer

Posted 2013-05-11T19:10:12.147

Reputation: 2 495

1This does not provide an answer to the question. To critique or request clarification from an author, leave a comment below their post. – Simon – 2013-05-11T21:13:58.797

2@Simon, I do not agree. It is an answer indeed. If you run vim in chroot on tmpfs then problem is solved. vim has no way of writing anything to disk. – Michał Šrajer – 2013-05-11T21:19:01.790

Then more information on it in the answer would be good. – Austin T French – 2013-05-11T22:00:25.320

2@Simon, I agree with @Michał –– this is a very good answer.  I also happen to believe that it’s at an adequate level of detail.  If you need more information, just look up chroot and tmpfs in the manual or a search engine. – Scott – 2013-05-11T22:43:43.863

1Note that vim running in a chroot environment will have no way of accessing the secure documents, unless they're copied into that environment. (Your .vimrc and other vim configuration data would have to be copied in there as well) – Trevor Powell – 2013-05-13T23:18:55.130

This will work, but it takes some setup. vim, the libraries it depends on, and the vim runtime files all need to be copied to the chroot. The easiest way to do this is just to use a package manager. (pacman, in my case.) – enigmaticPhysicist – 2013-05-16T23:45:33.520

0

To achieve a limited feeling of security, you could put the lines below in ~/.discreetrc:

set noswapfile
set nobackup
set history=0
set viminfo=
set clipboard=

and launch Vim with:

$ vim -u ~/.discreetrc --noplugin secretfilename

but there are probably other useful options.

romainl

Posted 2013-05-11T19:10:12.147

Reputation: 19 227

-1

How about mapping the write command to something that doesn't write to the disk, e.g.,

:cmap w echo 'disabled!'

emallove

Posted 2013-05-11T19:10:12.147

Reputation: 1

Asked: 2013-05-11T19:10:12.147

Viewed: 170 times

Active: 2013-05-11T21:05:49.217