fixing mkstemp without securely setting mask/unmask #106
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Daniel Wang <daniel.wang@canonical.com>
dirk-thomas
reviewed
Jul 18, 2019
src/rospack.cpp
Outdated
| @@ -2061,7 +2061,9 @@ Rosstackage::writeCache() | |||
| { | |||
| FILE *cache = fopen(tmp_cache_path, "w"); | |||
| #else | |||
| mode_t mask = umask(S_IRUSR | S_IWUSR| S_IXUSR | S_IRWXG); | |||
There was a problem hiding this comment.
Your description mentioned 0600. Is that not a desired mask? Why also add read, write, execute/search for the group?
Is there a reason not to use S_IRWXU as a shortcut for the first three flags?
There was a problem hiding this comment.
Good point I will change it to S_IRWXU, I think default 0600 should be sufficient, but I'm not sure if any process requires read, write, execute group permission for concurrency. If not I will remove it. Thank you for your response
Signed-off-by: Daniel Wang <daniel.wang@canonical.com>
|
@dirk-thomas this is ready for another pass when you're able. |
|
Thanks for the patch. |
|
This patch broke the behavior since new cache files are currently created with a mask of |
This was referenced May 13, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
fix #101
In newer glibc's (versions > 2.06) reasonably secure permissions of 0600 are used when creating a temporary file with mkstemp(). But for older glibc and other platform this is not guaranteed.
Signed-off-by: Daniel Wang daniel.wang@canonical.com