bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewh

From: nickc at redhat dot com
Subject: [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Date: Mon, 30 Nov 2020 15:56:31 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=26945

Nick Clifton <nickc at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #10 from Nick Clifton <nickc at redhat dot com> ---
(In reply to Rich Felker from comment #9)
Hi Rich,

> It doesn't. The second file descriptor I'm talking about is the one to the
> original file that was read from, that will be replaced by the rename. This
> is the one you need to read old ownership/mode from with fstat. Using the
> name here is not safe (wrt using the right data).

OK - so would it be sufficient to pass in to smart_rename() a stat structure
of the source file, obtained when the source file was open ?  (And use that
stat structure, obviously).  The issue is that at the moment the callers of
smart_rename close their input file prior to invoking the function, and
restructuring the code to keep the input open is likely to lead to more
problems.

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]