[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#6953: 24.0.50; serious security bug in create backup files

From: Mark Diekhans
Subject: bug#6953: 24.0.50; serious security bug in create backup files
Date: Thu, 2 Sep 2010 09:33:36 -0700

Ah, this is because copy-file (in fileio.c) does
      fchmod (ofd, st.st_mode & 07777);

It seems like copy-file needs an option to disable this.

The behavior of backup-buffer-copy where it keeps the existing
file would also be a hole.

mark <sigh>

Glenn Morris <address@hidden> writes:
> address@hidden wrote:
> > Oh, wait, it doesn't look like there is a problem with your patch,
> > only the comment ;-)   backup-buffer-copy says:
> >
> >       ;; Create temp files with strict access rights.  It's easy to
> >       ;; loosen them later, whereas it's impossible to close the
> >       ;; time-window of loose permissions otherwise.
> I don't know what this comment means. There are no "temp files" AFAICS
> (unless copy-file creates some internally). I think this comment may
> be a leftover from when this code used write-region rather than
> copy-file. Indeed the whole mode-changing bit may be as well. C-h f
> copy-file says: "This function always sets the file modes of the
> output file to match the input file."
> Eg:
> touch ~/1
> chmod 644 ~/1
> (set-default-file-modes ?\700)
> (copy-file "~/1" "~/2" t t t)
> ls -l ~/2  # -> world readable

reply via email to

[Prev in Thread] Current Thread [Next in Thread]