emacs-pretest-bug
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: printing.el PS preview creates world-readable files in /tmp

From: Vinicius Jose Latorre
Subject: Re: printing.el PS preview creates world-readable files in /tmp
Date: Mon, 15 Nov 2004 18:04:47 -0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a4) Gecko/20040927 
> > The version 6.8.3 now handles file permission bits (see pr-file-modes
> > option). The pr-file-modes default value is 0600, that is, only the owner 
> > session have permissions to handle the newly created files by
> > printing package.
>
> Note that this should only matter for files created in /tmp, but those files 
> need more than just 0600: they have to be created atomically.
> Browsing through printing.el, I get the impression that it does not create 
> those files atomically.

How could a file be created atomically in Emacs Lisp?
> When creating files in /tmp, it's very important for security reasons to use 
> `make-temp-file'.

The printing package uses make-temp-file when creating temporary files using
ghostscript. Otherwise, it handles only the file name given by pr-ps-temp-file created in the directory given by pr-temp-dir. The default is /tmp/prspool.ps. 

What kind of security reasons?


Vinicius
reply via email to
[Prev in Thread] Current Thread [Next in Thread]