[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS
|
From: |
Zack Weinberg |
|
Subject: |
Re: [PATCH 2/2] Ignore failure of setting mode on a temporary file on OS/2 |
|
Date: |
Wed, 18 Oct 2023 13:21:55 -0400 |
|
User-agent: |
Cyrus-JMAP/3.9.0-alpha0-1019-ged83ad8595-fm-20231002.001-ged83ad85 |
On Tue, Oct 17, 2023, at 2:58 PM, Paul Eggert wrote:
> On 10/17/23 11:16, Zack Weinberg wrote:
...
>> you have to be exquisitely careful, or a malicious concurrent process
>> might be able to trick you into overwriting some file elsewhere on
>> the filesystem.
...
> ? If /tmp is sticky, a malicious process can't rename /tmp/foo.
I might be wrong about that specific thing. It's been long enough that
I no longer remember the exact details, but there was a CVE reported
against GCC ... I want to say circa version 2.95 ... because it would
create temporary files with predictable names in /tmp and it was
*somehow* possible for a malicious process to substitute symlinks
pointing into /etc, and if you were running the compiler as root, which
you shouldn't but it happens all the time, boom, trashed /etc/shadow or
something equally important.
It is possible that this exploit depended on a kernel bug where the
sticky bit didn't do everything it needed to do, but since people
still want to run autoconf proper (not just configure scripts) on
ancient systems, I think we need to be careful anyway.
zw
[PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/14
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/14
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/15
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/17
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/18
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, Zack Weinberg, 2023/10/18
- Re: [PATCH 1/2] Fix detection of GNU M4 on mksh, KO Myung-Hun, 2023/10/19