Re: [exim-dev] fopen(), umask, and file permissions

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\MPhilip Hazel at <-
MMMNigel Metheringham at ->
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: exim-dev
Subject: Re: [exim-dev] fopen(), umask, and file permissions
Philip Hazel wrote:
> + FILE *
> + modefopen(uschar *filename, char *options, mode_t mode)
> + {
> + FILE *f;
> + umask(0777);
> + f = Ufopen(filename, options);
> + umask(0);
> + if (f != NULL) (void)fchmod(fileno(f), mode);
> + return f;
> + }

Is it possible this could be a slight security concern?

You're creating a file with mode 777 and later chmodding it.

I don't know the code that uses fopen, but it could also be possible that a
file that already exsists with a specific mode gets it's mode clobbered.

One could use open(2) then fdopen(3), but again, I don't know the code well
enough to know for sure.

--
Lab tests show that use of micro$oft causes cancer in lab animals
Got Gas???


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] fopen(), umask, and file permissionsRe: [exim-dev] fopen(), umask, and file permissions->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)