[bug#74002] [PATCH] create directory with specified permissions in mkdir

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#74002] [PATCH] create directory with specified permissions in mkdir

From:	Reepca Russelstein
Subject:	[bug#74002] [PATCH] create directory with specified permissions in mkdir-p/perms
Date:	Fri, 25 Oct 2024 01:48:03 -0500
User-agent:	Gnus/5.13 (Gnus v5.13)

mkdir-p/perms in (gnu build activation) currently first creates the
target directory with its permissions restricted solely by umask, then
changes the permissions afterward.  This leaves a window during which it
is possible that read and/or execute bits for untrusted users may be set
on the target directory.

By changing it so that the directory, if it is created, is created with
no more permissions than the caller specified, we can be confident that
if the directory didn't already exist - for example because it was
deliberately deleted in advance - it at no point was more accessible
than intended.

- reepca

0001-gnu-build-create-directory-with-specified-perms-in-m.patch
Description: Text Data

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#74002] [PATCH] create directory with specified permissions in mkdir-p/perms, Reepca Russelstein <=

Prev by Date: [bug#74000] [PATCH v2] gnu: Add owl.
Next by Date: [bug#74003] [PATCH] gnu: kdiskmark: Update to 3.1.4. [security fixes]
Previous by thread: [bug#74000] [PATCH] gnu: Add owl.
Next by thread: [bug#74003] [PATCH] gnu: kdiskmark: Update to 3.1.4. [security fixes]
Index(es):
- Date
- Thread