password-store.el for emacs doesn't inhibit backup-files

Michael Eliachevitch m.eliachevitch at
Wed Mar 16 14:07:13 UTC 2022

Hello all,

I found that when I edit passwords in emacs via `password-store-edit`, emacs creates backup-files with plain-text passwords, which in my personal configuration (via no-littering.el) are stored persistently in my home directory. As I understand, the above emacs command just runs `pass edit` in a subprocess, so that the password is edited in /dev/shm as a text-file in the normal `text-mode`.

When using emacs directly to open gpg files to edit their plain-text content, emacs does the right thing and encrypts the backups, but that's not the case for editing plain-text-files. Also, the absence of a special emacs-mode for editing passwords makes it a bit more tricky to disable backups for password-files. E.g. the emacs backup documentation [1] gives the following example for disabling backups for a specific major mode:

   (add-hook 'rmail-mode-hook
           (lambda () (setq-local make-backup-files nil)))

It would be nice to somehow also set `make-backup-files` to nil for password-files. Ideally, that should be in the password-store package to have security by default. The solution that I found for me was to edit `backup-enable-predicate` (which takes a file path) to disable backups for files in `/dev/shm`:

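   (require 's)  ; provides `s-starts-with-p'

   ;; Allow backups only when the default predicate agrees and the
   ;; file is not under /dev/shm.
   (defun my-backup-enable-predicate (name)
       (and (normal-backup-enable-predicate name)
           (not (s-starts-with-p "/dev/shm" name))))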

   (setq backup-enable-predicate #'my-backup-enable-predicate)

This works for me but isn't an ideal solution. password-store.el might add an advice to `backup-enable-predicate` to extend it, though modifying a user-option doesn't seem ideal to me.

I found that the `pass` emacs-package [2], which wraps and extends password-store.el, does open the GPG file directly with a special major-mode when using its `pass-view` command, which prevents the issue.

But I think there should be a solution that really works with `pass edit`, even when invoked from the CLI. Of course it will only ever work if the user also loads password-store.el in their emacs initialization, but it's better than nothing.

Any suggestions how this could be done within password-store.el? Or is something just wrong with my config? Should we maybe document this behavior somewhere to raise awareness? Maybe that's something that should be fixed from emacs-side, e.g. by not having backups by default for `/dev/shm`?

Michael Eliachevitch
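
One way to get the same effect per buffer, without replacing `backup-enable-predicate`, as an added example that is not part of the original message or of password-store.el. It assumes the `/dev/shm` location described above; every `my-pass-` name is hypothetical.

```elisp
;; Added example, not code from password-store.el or from the message.
;; Assumption: `pass edit' puts its temporary plaintext file somewhere
;; under /dev/shm/, as the message above describes.
(require 'seq)

(defvar my-pass-sensitive-dirs '("/dev/shm/")
  "Hypothetical list of directories whose files hold plaintext secrets.")

(defun my-pass-sensitive-file-p (file)
  "Return non-nil if FILE is inside one of `my-pass-sensitive-dirs'.
`file-in-directory-p' compares true names, so a symlinked /dev/shm
is still matched.  It returns nil for a directory that does not
exist, so a missing /dev/shm simply never matches."
  (seq-some (lambda (dir) (file-in-directory-p file dir))
            my-pass-sensitive-dirs))

(defun my-pass-protect-buffer ()
  "Keep Emacs from writing plaintext copies of a sensitive buffer."
  (when (and buffer-file-name
             (my-pass-sensitive-file-p buffer-file-name))
    ;; `backup-inhibited' is a permanent local: a later major-mode
    ;; change in this buffer does not switch backups back on.
    (setq-local backup-inhibited t)
    ;; Auto-save files are a second plaintext copy and may be
    ;; redirected out of /dev/shm by `auto-save-file-name-transforms'.
    (auto-save-mode -1)))

;; Runs for every visited file, including ones opened through
;; emacsclient when Emacs is the $EDITOR used by `pass edit'.
(add-hook 'find-file-hook #'my-pass-protect-buffer)
```

Backup files written before this hook was installed are not touched by it and have to be located and deleted separately.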
