Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS

autoconf-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS

From:	Paul Eggert
Subject:	Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2
Date:	Tue, 17 Oct 2023 11:58:01 -0700
User-agent:	Mozilla Thunderbird

On 10/17/23 11:16, Zack Weinberg wrote:

On Sun, Oct 15, 2023, at 3:43 AM, KO Myung-Hun wrote:

How about this ?
1. create and close a temporary file
2. chmod() on it
3. re-open it with O_TRUNC ?


The trouble is, on a multi-user system, any time you do any operation
by name on a file whose full pathname includes a world-writable
directory (such as the system-wide scratch directories), even if that
directory is “sticky” (chmod +t), you have to be exquisitely careful,
or a malicious concurrent process might be able to trick you into
overwriting some file elsewhere on the filesystem.  For example, your
steps 2 and 3, if executed as root on a file expected to exist in
/tmp, would give a malicious concurrent process a chance to clobber
the access control bits and/or the contents of *any file*, by moving
the temporary file out of the way


? If /tmp is sticky, a malicious process can't rename /tmp/foo.

The rest of your email and patch look good to me, though admittedly Ihaven't used perl for real in 30 years.

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/2] OS/2 patches, KO Myung-Hun, 2023/10/14
- [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, KO Myung-Hun, 2023/10/14
  - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Zack Weinberg, 2023/10/14
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Russ Allbery, 2023/10/14
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Zack Weinberg, 2023/10/17
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, KO Myung-Hun, 2023/10/15
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Zack Weinberg, 2023/10/17
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Paul Eggert <=
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Zack Weinberg, 2023/10/18
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, KO Myung-Hun, 2023/10/18
    - Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2, Zack Weinberg, 2023/10/18
- [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/14
  - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/14
    - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/15
    - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/17
    - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/18
    - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/18
    - Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/19

Prev by Date: Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2
Next by Date: Re: [PATCH 1/2] Fix detection of GNU M4 on mksh
Previous by thread: Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2
Next by thread: Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2
Index(es):
- Date
- Thread