Re: GNUstep introduces a serious security problem

[Tim Kack]

Yes, this seems to that is the case here - I read through some GNU docs as well (not that I do not trust your research Richard!).

But since this might be confusing since GNUstep is supposed to be cross platform.

On Windows you get:

'$ ./obj/testFilePerms.exe

2009-03-18 08:31:38.361 testFilePerms[5984] File NSData.m: 1050. In [NSDataMallo

c -writeToFile:atomically:] Rename ('C:/tmp/permissionstestFile.txta04820' to 'C

:/tmp/permissionstestFile.txt') failed - The operation completed successfully.

2009-03-18 08:31:38.361 testFilePerms[5984] Failure'

I suggest that we add a line to the documentation that says:

"Depending on which operating system you are using, any existing file might be overwritten regardless of file protection mask".

Best regards,

Tim

On Wed, Mar 18, 2009 at 8:06 AM, Richard Frith-Macdonald <richard@tiptree.demon.co.uk> wrote:

On 17 Mar 2009, at 23:31, Tim Kack wrote:

Hi Igor,

I opened bug #25904 for this, please add the findings to that if needed.
I will check more on this tomorrow.
Note, this is not a security issue - it is only the owner that can touch the file, but it can lead to overwriting data that you didn't want to have overwritten. A nuisance of course.
GNUstep is not using anything that can override the operating systems permissions checks, it is all built upon standard base libraries (glibc etc).

It turns out that there is no issue/bug here.  The example/test code was asking to replace an existing file, and the library was doing that.
On Unix-style systems, if you want to protect a file so that it cannot be replaced, you have to change the permissions of the directory containing the file, not those of the file itsself.