mirror of
https://github.com/MidnightCommander/mc
synced 2024-12-23 04:46:55 +03:00
Security (inspired by Norbert Warmuth): make /tmp files 0600 and
create them with O_EXCL for sfs and extfs.
This commit is contained in:
parent
f55d906c37
commit
965880696c
@ -1,3 +1,8 @@
|
||||
Tue Dec 15 16:41:50 1998 Pavel Machek <pavel@atrey.karlin.mff.cuni.cz>
|
||||
|
||||
* extfs.c (extfs_open), sfs.c (redirect): create files 0600 and
|
||||
safely w.r.t. symlinks in /tmp
|
||||
|
||||
Mon Nov 30 23:49:11 1998 Pavel Machek <pavel@bug.ucw.cz>
|
||||
|
||||
* direntry.c: Hopefully got want_stale_data right...
|
||||
|
@ -607,6 +607,14 @@ static void *extfs_open (vfs *me, char *file, int flags, int mode)
|
||||
char *cmd, *archive_name, *p;
|
||||
|
||||
entry->inode->local_filename = strdup (tempnam (NULL, "extfs"));
|
||||
{
|
||||
int handle;
|
||||
|
||||
handle = open(entry->inode->local_filename, O_RDWR | O_CREAT | O_EXCL, 0600);
|
||||
if (handle == -1)
|
||||
return NULL;
|
||||
close(handle);
|
||||
}
|
||||
p = get_path_from_entry (entry);
|
||||
q = name_quote (p, 0);
|
||||
free (p);
|
||||
|
@ -1,6 +1,9 @@
|
||||
#
|
||||
# This is config for Single File fileSystem
|
||||
#
|
||||
# Notice that output files (%3) are pre-created atomically in /tmp
|
||||
# with 0600 rights, so it is safe to > %3
|
||||
#
|
||||
gz/1 gzip < %1 > %3
|
||||
ugz/1 gzip -cdf < %1 > %3
|
||||
bz/1 bzip < %1 > %3
|
||||
|
@ -104,6 +104,7 @@ static char *redirect( vfs *me, char *name )
|
||||
struct cachedfile *cur = head;
|
||||
uid_t uid = vfs_uid;
|
||||
char *cache, *xname;
|
||||
int handle;
|
||||
|
||||
while (cur) {
|
||||
if ((!strcmp( name, cur->name )) &&
|
||||
@ -117,6 +118,11 @@ static char *redirect( vfs *me, char *name )
|
||||
cur = cur->next;
|
||||
}
|
||||
cache = tempnam( NULL, "sfs" );
|
||||
handle = open(cache, O_RDWR | O_CREAT | O_EXCL, 0600);
|
||||
if (handle == -1)
|
||||
return "/SOMEONE_PLAYING_DIRTY_TMP_TRICKS_ON_US";
|
||||
close(handle);
|
||||
|
||||
xname = strdup( name );
|
||||
if (!vfmake( me, name, cache )) {
|
||||
cur = xmalloc( sizeof(struct cachedfile), "SFS cache" );
|
||||
|
Loading…
Reference in New Issue
Block a user