Re: creating backups in temporary directories

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating backups in temporary directories

From:	David Kastrup
Subject:	Re: creating backups in temporary directories
Date:	Mon, 10 Sep 2007 03:11:31 +0200
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.1.50 (gnu/linux)

Andreas Schwab <address@hidden> writes:

> David Kastrup <address@hidden> writes:
>
>> Stefan Monnier <address@hidden> writes:
>>
>>> In a directory with mode 777, that's true: everything is dangerous.
>>> But in a directory with mode 1777 when you open a file that *you* own,
>>> nobody else can remove it or rename it, so normally nobody can replace it
>>> with a symlink.  Emacs creates the problem when it moves /tmp/foo to
>>> /tmp/foo~ at which point /tmp/foo is free for an attacker to take.
>>
>> Well, the alternative is to make a hard link of /tmp/foo to /tmp/foo~,
>> then creat /tmp/foo over it and fill it with contents without
>> reopening.
>>
>> That should close the time window for an attack.
>
> You have to unlink the file first,

Well, seems I misread the manual page for open/creat.  I thought that
without O_EXCL, the file would get replaced.

Well, then there still is the contorted way of hard linking /tmp/foo
to /tmp/foo~, opening /tmp/randomfilename for write, renaming it to
/tmp/foo and then finishing the write operation.

-- 
David Kastrup, Kriemhildstr. 15, 44793 Bochum

[Prev in Thread]

Current Thread

[Next in Thread]

Re: creating backups in temporary directories, (continued)
- Re: creating backups in temporary directories, David Kastrup, 2007/09/07
  - Re: creating backups in temporary directories, Stefan Monnier, 2007/09/07
    - Re: creating backups in temporary directories, Sven Joachim, 2007/09/07
    - Re: creating backups in temporary directories, David Kastrup, 2007/09/07
    - Re: creating backups in temporary directories, Richard Stallman, 2007/09/08
    - Re: creating backups in temporary directories, Stefan Monnier, 2007/09/07
    - Re: creating backups in temporary directories, Richard Stallman, 2007/09/08
    - Re: creating backups in temporary directories, Stefan Monnier, 2007/09/09
    - Re: creating backups in temporary directories, David Kastrup, 2007/09/09
    - Re: creating backups in temporary directories, Andreas Schwab, 2007/09/09
    - Re: creating backups in temporary directories, David Kastrup <=
    - Re: creating backups in temporary directories, Davis Herring, 2007/09/10
    - Re: creating backups in temporary directories, David Kastrup, 2007/09/10
    - Message not available
    - Re: creating backups in temporary directories, Davis Herring, 2007/09/10
    - Re: creating backups in temporary directories, Richard Stallman, 2007/09/11
    - Re: creating backups in temporary directories, Davis Herring, 2007/09/11
    - Re: creating backups in temporary directories, Richard Stallman, 2007/09/09
    - Re: creating backups in temporary directories, Stefan Monnier, 2007/09/09
    - Re: creating backups in temporary directories, Davis Herring, 2007/09/07
    - Re: creating backups in temporary directories, Chris Moore, 2007/09/08
    - Re: creating backups in temporary directories, Richard Stallman, 2007/09/08

Prev by Date: RE: keypad-*-setup
Next by Date: Re: Bumpe unicode2 branch version to 23.0.52 (was: does emacs-unicode-2 branch stop developing?)
Previous by thread: Re: creating backups in temporary directories
Next by thread: Re: creating backups in temporary directories
Index(es):
- Date
- Thread