Sawada Masahiko
sawad****@gmail*****
Fri Jul 17 16:06:05 JST 2015
On Thu, Jul 16, 2015 at 10:06 PM, Fujii Masao <masao****@gmail*****> wrote:
> On Thu, Jul 16, 2015 at 8:49 PM, Sawada Masahiko <sawad****@gmail*****> wrote:
>> Hi all,
>>
>> According to CoverityScan, ludia_funcs probably has security problem
>> around creating temporary file.
>> Returning wrong result by rewriting temporary file by attacker before
>> returning client is possible.
>> mkstemp(), is used currently ludia_funcs, creates temporary file with
>> 0600 permission already, but a such behavior might be changed at some
>> day.
>> Attached patch adds setting of umask before creating temporary file.
>
> Good catch!
>
> +#define TP_MKSTEMP_UMASK 0177
>
> Isn't it better to move this near other textporter's macro variables?
> If yes, I think that it's better to use TEXTPORTER_ as the prefix of
> the variable name.

I agree with you; the latest patch is attached.

> + * For security reason, set umask to ensure creating temporary
> + * file with 0600 permission.
>
> Could you elaborate the "security reason" in the comment? Otherwise
> I'm afraid that we can easily forget what the "security reason" is here.

If the file permission is not set properly, a non-execution user who
doesn't have permission to access the temporary file can read it, which
leads to an information leak, I think.

Regards,

--
Masahiko Sawada
-------------- next part --------------
A non-text attachment was saved...
File name: add_setting_umask_v2.patch
Type: text/x-patch
Size: 1115 bytes
Description: none
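The umask-before-mkstemp() approach discussed in this message, as an added example that is not part of the original post or the attached patch: it forces the mask to 0177 around mkstemp(), restores the caller's mask, and checks the resulting mode with fstat(). The names `EXAMPLE_MKSTEMP_UMASK`, `create_private_tempfile`, `fd_permission_bits` and `demo`, and the `/tmp` template, are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical name; same value as the macro quoted in the thread. */
#define EXAMPLE_MKSTEMP_UMASK 0177

/* Create a temp file from a mkstemp() template with the umask forced to
 * 0177, then restore the caller's umask. Returns the fd, or -1 on error.
 * umask() is process-wide, so this is not safe against other threads
 * creating files at the same moment. */
int create_private_tempfile(char *tmpl)
{
    mode_t old_mask = umask(EXAMPLE_MKSTEMP_UMASK);
    int fd = mkstemp(tmpl);
    umask(old_mask);
    return fd;
}

/* Permission bits of an open file, or -1 if fstat() fails. */
int fd_permission_bits(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}

/* Returns 0 when the file is 0600 and the caller's umask is unchanged. */
int demo(void)
{
    char tmpl[] = "/tmp/umask_example_XXXXXX"; /* constructed path */
    mode_t saved = umask(0);  /* permissive mask: worst case for the caller */
    int fd = create_private_tempfile(tmpl);
    int bits = fd >= 0 ? fd_permission_bits(fd) : -1;
    mode_t seen = umask(saved); /* mask left behind by the helper */
    if (fd >= 0) {
        close(fd);
        unlink(tmpl);
    }
    return (bits == 0600 && seen == 0) ? 0 : 1;
}

int main(void)
{
    int rc = demo();
    printf("0600 tempfile, umask restored: %s\n", rc == 0 ? "yes" : "no");
    return rc;
}
```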