[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] mkstemp: replace if system version uses wrong permissions
From: |
Eric Blake |
Subject: |
[PATCH] mkstemp: replace if system version uses wrong permissions |
Date: |
Wed, 27 Apr 2011 09:33:56 -0600 |
From: Reuben Thomas <address@hidden>
* m4/mkstemp.m4 (gl_FUNC_MKSTEMP): Add test for non-owner
read/write mode bits set in file created by mkstemp.
* doc/posix-functions/mkstemp.texi (mkstemp): Document the fix.
Signed-off-by: Eric Blake <address@hidden>
---
Here's the final version I'd like to push. It's modified a bit from
your version; are you okay with it still being in your name?
I tested on HP-UX 10.20 (which still has a cap on the maximum
number of mkstemp invocations, but surprisingly used correct
permissions); as well as verified that Solaris, BSD, Cygwin,
AIX, and Tru64 5.1 still passed.
ChangeLog | 5 +++++
doc/posix-functions/mkstemp.texi | 8 ++++----
m4/mkstemp.m4 | 13 +++++++++++--
3 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 247d541..958d993 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,11 @@
2011-04-27 Reuben Thomas <address@hidden>
and Eric Blake <address@hidden>
+ mkstemp: replace if system version uses wrong permissions
+ * m4/mkstemp.m4 (gl_FUNC_MKSTEMP): Add test for non-owner
+ read/write mode bits set in file created by mkstemp.
+ * doc/posix-functions/mkstemp.texi (mkstemp): Document the fix.
+
mkstemp: mention clean-temp module
* lib/mkstemp.c: Add comment.
* doc/posix-functions/mkstemp.texi (mkstemp): Likewise.
diff --git a/doc/posix-functions/mkstemp.texi b/doc/posix-functions/mkstemp.texi
index 5a1e145..5f62b44 100644
--- a/doc/posix-functions/mkstemp.texi
+++ b/doc/posix-functions/mkstemp.texi
@@ -15,14 +15,14 @@ mkstemp
On some platforms (HP-UX 10.20, SunOS 4.1.4, Solaris 2.5.1), mkstemp has a
silly
limit that it can create no more than 26 files from a given template. On
OSF/1 4.0f, it can create only 32 files per process.
address@hidden
+On some older platforms, @code{mkstemp} can create a world or group
+writable or readable file, if you haven't set the process umask to
+077. This is a security risk.
@end itemize
Portability problems not fixed by Gnulib:
@itemize
address@hidden
-On platforms other than glibc 2.0.7 or newer, @code{mkstemp} can create a
-world or group writable or readable file, if you haven't set the process
-umask to 077. This is a security risk.
@end itemize
The gnulib module clean-temp can create temporary files that are less
diff --git a/m4/mkstemp.m4 b/m4/mkstemp.m4
index c5cd282..06187c6 100644
--- a/m4/mkstemp.m4
+++ b/m4/mkstemp.m4
@@ -1,4 +1,4 @@
-#serial 19
+#serial 20
# Copyright (C) 2001, 2003-2007, 2009-2011 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
@@ -10,6 +10,8 @@
# Other systems lack mkstemp altogether.
# On OSF1/Tru64 V4.0F, the system-provided mkstemp function can create
# only 32 files per process.
+# On some hosts, mkstemp creates files with mode 0666, which is a security
+# problem and a violation of POSIX 2008.
# On systems like the above, arrange to use the replacement function.
AC_DEFUN([gl_FUNC_MKSTEMP],
[
@@ -30,6 +32,7 @@ AC_DEFUN([gl_FUNC_MKSTEMP],
off_t large = (off_t) 4294967295u;
if (large < 0)
large = 2147483647;
+ umask (0);
for (i = 0; i < 70; i++)
{
char templ[] = "conftest.mkstemp/coXXXXXX";
@@ -39,9 +42,15 @@ AC_DEFUN([gl_FUNC_MKSTEMP],
result |= 1;
else
{
+ struct stat st;
if (lseek (fd, large, SEEK_SET) != large)
result |= 2;
- close (fd);
+ if (fstat (fd, &st) < 0)
+ result |= 4;
+ else if (st.st_mode & 0077)
+ result |= 8;
+ if (close (fd))
+ result |= 16;
}
}
return result;]])],
--
1.7.4.4
- Re: mkstemp, (continued)
- Re: mkstemp, Reuben Thomas, 2011/04/27
- Re: mkstemp, Eric Blake, 2011/04/27
- Re: mkstemp, Reuben Thomas, 2011/04/27
- Re: mkstemp, Eric Blake, 2011/04/27
- Re: mkstemp, Reuben Thomas, 2011/04/27
- Re: mkstemp, Bruno Haible, 2011/04/27
- Re: mkstemp, Eric Blake, 2011/04/27
- Re: mkstemp, Bruno Haible, 2011/04/27
- Re: mkstemp, Reuben Thomas, 2011/04/27
- Re: mkstemp, Eric Blake, 2011/04/27
- [PATCH] mkstemp: replace if system version uses wrong permissions,
Eric Blake <=
- Re: [PATCH] mkstemp: replace if system version uses wrong permissions, Reuben Thomas, 2011/04/27
- Re: [PATCH] mkstemp: replace if system version uses wrong permissions, Eric Blake, 2011/04/27
- Re: [PATCH] mkstemp: replace if system version uses wrong permissions, Bruno Haible, 2011/04/27
- Re: mkstemp, Bruno Haible, 2011/04/27
- Re: mkstemp, Eric Blake, 2011/04/27