[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Small security patch for KTempFile
From:       "Ian Reinhart Geiser" <geiseri () yahoo ! com>
Date:       2004-09-08 3:56:10
Message-ID: 38379.66.92.236.216.1094615770.squirrel () 66 ! 92 ! 236 ! 216
[Download RAW message or body]

Greetings,
I know this is probably not the most important security patch for KDE, but
it has been on my drive here for over a year.

Basicly it changes chown() to fchown() so the ownership operations are
done on the fd vs the filename.  I _think_ the operation remains
unchanged, and I have not found an instance where it behaves badly.

Opinions?

Cheers
   -ian reinhart geiser

--
--
+-Ian Reinhart Geiser geiseri@sourcextreme.com
+-Vice President of Engineering
+-http://www.sourcextreme.com
+-It's not that we don't make mistakes, we just don't keep them around.
["ktempfile-secure.patch" (application/octet-stream)]

Index: ktempdir.cpp
===================================================================
RCS file: /home/kde/kdelibs/kdecore/ktempdir.cpp,v
retrieving revision 1.3
diff -u -r1.3 ktempdir.cpp
--- ktempdir.cpp	13 Aug 2003 19:47:39 -0000	1.3
+++ ktempdir.cpp	8 Sep 2004 03:47:35 -0000
@@ -84,6 +86,7 @@
        return false;
    }
 
+   int nmefd = open(nme,O_RDWR );
    // got a return value != 0
    QCString realNameStr(realName);
    mTmpName = QFile::decodeName(realNameStr)+"/";
@@ -92,13 +95,14 @@
    mode_t tmp = 0;
    mode_t umsk = umask(tmp);
    umask(umsk);
-   chmod(nme, mode&(~umsk));
+   fchmod(nmefd, mode&(~umsk));
 
    // Success!
    bExisting = true;
 
    // Set uid/gid (necessary for SUID programs)
-   chown(nme, getuid(), getgid());
+   fchown(nmefd, getuid(), getgid());
+   close(nmefd);
    return true;
 }
 


[prev in list] [next in list] [prev in thread] [next in thread]