forked from enlightenment/efl
Set secure file permissions for temporary file
From glibc mkstemp man page: In glibc versions 2.06 and earlier, the file is created with permissions 0666, that is, read and write for all users. This old behavior may be a security risk, especially since other UNIX flavors use 0600, and somebody might overlook this detail when porting programs. POSIX.1-2008 adds a requirement that the file be created with mode 0600. More generally, the POSIX specification of mkstemp() does not say anything about file modes, so the application should make sure its file mode creation mask (see umask(2)) is set appropriately before calling mkstemp() (and mkostemp()). And: http://cwe.mitre.org/data/definitions/377.html
This commit is contained in:
parent
eea1b83cf6
commit
7576ff00f3
|
@ -869,6 +869,7 @@ eina_file_mkstemp(const char *templatename, Eina_Tmpstr **path)
|
|||
char buffer[PATH_MAX];
|
||||
const char *tmpdir;
|
||||
int fd;
|
||||
mode_t old_umask;
|
||||
|
||||
#ifndef HAVE_EVIL
|
||||
tmpdir = getenv("TMPDIR");
|
||||
|
@ -877,7 +878,13 @@ eina_file_mkstemp(const char *templatename, Eina_Tmpstr **path)
|
|||
tmpdir = (char *)evil_tmpdir_get();
|
||||
#endif /* ! HAVE_EVIL */
|
||||
|
||||
/*
|
||||
* Make sure temp file is created with secure permissions,
|
||||
* http://man7.org/linux/man-pages/man3/mkstemp.3.html#NOTES
|
||||
*/
|
||||
old_umask = umask(0077);
|
||||
snprintf(buffer, PATH_MAX, "%s/%s", tmpdir, templatename);
|
||||
umask(old_umask);
|
||||
|
||||
fd = mkstemp(buffer);
|
||||
if (path) *path = eina_tmpstr_add(buffer);
|
||||
|
|
Loading…
Reference in New Issue