From 7576ff00f3e014db84ae1a044ae60a78c2222c31 Mon Sep 17 00:00:00 2001 From: Sebastian Dransfeld Date: Wed, 16 Oct 2013 04:28:53 +0200 Subject: [PATCH] Set secure file permissions for temporary file From glibc mkstemp man page: In glibc versions 2.06 and earlier, the file is created with permissions 0666, that is, read and write for all users. This old behavior may be a security risk, especially since other UNIX flavors use 0600, and somebody might overlook this detail when porting programs. POSIX.1-2008 adds a requirement that the file be created with mode 0600. More generally, the POSIX specification of mkstemp() does not say anything about file modes, so the application should make sure its file mode creation mask (see umask(2)) is set appropriately before calling mkstemp() (and mkostemp()). And: http://cwe.mitre.org/data/definitions/377.html --- src/lib/eina/eina_file_common.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/lib/eina/eina_file_common.c b/src/lib/eina/eina_file_common.c index ec9cac8a6e..9a222c2b47 100644 --- a/src/lib/eina/eina_file_common.c +++ b/src/lib/eina/eina_file_common.c @@ -869,6 +869,7 @@ eina_file_mkstemp(const char *templatename, Eina_Tmpstr **path) char buffer[PATH_MAX]; const char *tmpdir; int fd; + mode_t old_umask; #ifndef HAVE_EVIL tmpdir = getenv("TMPDIR"); @@ -877,7 +878,13 @@ eina_file_mkstemp(const char *templatename, Eina_Tmpstr **path) tmpdir = (char *)evil_tmpdir_get(); #endif /* ! HAVE_EVIL */ + /* + * Make sure temp file is created with secure permissions, + * http://man7.org/linux/man-pages/man3/mkstemp.3.html#NOTES + */ + old_umask = umask(0077); snprintf(buffer, PATH_MAX, "%s/%s", tmpdir, templatename); + umask(old_umask); fd = mkstemp(buffer); if (path) *path = eina_tmpstr_add(buffer);