[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#6953: 24.0.50; serious security bug in create backup files
From: |
Glenn Morris |
Subject: |
bug#6953: 24.0.50; serious security bug in create backup files |
Date: |
Thu, 02 Sep 2010 03:58:26 -0400 |
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
markd@soe.ucsc.edu wrote:
> Oh, wait, it doesn't look like there is a problem with your patch,
> only the comment ;-) backup-buffer-copy says:
>
> ;; Create temp files with strict access rights. It's easy to
> ;; loosen them later, whereas it's impossible to close the
> ;; time-window of loose permissions otherwise.
I don't know what this comment means. There are no "temp files" AFAICS
(unless copy-file creates some internally). I think this comment may
be a leftover from when this code used write-region rather than
copy-file. Indeed the whole mode-changing bit may be as well. C-h f
copy-file says: "This function always sets the file modes of the
output file to match the input file."
Eg:
touch ~/1
chmod 644 ~/1
(set-default-file-modes ?\700)
(copy-file "~/1" "~/2" t t t)
ls -l ~/2 # -> world readable
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, Eli Zaretskii, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, markd, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files,
Glenn Morris <=
- bug#6953: 24.0.50; serious security bug in create backup files, Mark Diekhans, 2010/09/02
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/07
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/08
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Stefan Monnier, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Glenn Morris, 2010/09/09
- bug#6953: 24.0.50; serious security bug in create backup files, Eli Zaretskii, 2010/09/13
- bug#6953: 24.0.50; serious security bug in create backup files, Lennart Borgman, 2010/09/13