emacs-pretest-bug

Re: printing.el PS preview creates world-readable files in /tmp


From: Stefan Monnier
Subject: Re: printing.el PS preview creates world-readable files in /tmp
Date: Mon, 15 Nov 2004 15:41:54 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/21.3.50 (gnu/linux)

> How could a file be created atomically in Emacs Lisp?

With make-temp-file.  It doesn't have to be filled atomically.

>> When creating files in /tmp, it's very important for security reasons to
>> use `make-temp-file'.

> The printing package uses make-temp-file when creating temporary files
> using ghostscript.  Otherwise, it handles only the file name given by
> pr-ps-temp-file created in the directory given by pr-temp-dir.
> The default is /tmp/prspool.ps.

> What kind of security reasons?

Anyone on the same machine as yours can create a symlink called
/tmp/prspool.ps which might point to /home/viniciusjl/somefile and thus
cause you to unexpectedly overwrite one of your files.  Or she can create
a normal file by that name with permissive access rights so that
printing.el will be able to write to it just fine, but the umask won't apply
(since the file won't be (re)created) so she gets to read your PS file.
...

In your case, there are other problems such as the fact that two users using
printing.el at the same time will step on each other's files since both will
use the same filename.


        Stefan
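
One way to apply the advice in this message, as an added example that is not code from printing.el or from anyone in the thread: the spool file is created with `make-temp-file` under a fresh name instead of the fixed /tmp/prspool.ps, then filled and removed. The names `my-ps-preview-file` and `my-call-with-ps-preview-file` are hypothetical, the PostScript text is constructed sample input, and the permission check assumes POSIX file modes.

```elisp
;; Added illustration; these helper names are hypothetical and do not
;; exist in printing.el.

(defun my-ps-preview-file ()
  "Create a new, private PostScript spool file and return its name.
`make-temp-file' picks an unused name under `temporary-file-directory'
and creates the file itself, so a symlink or file planted in advance
under a guessable name is never opened."
  (let ((file (make-temp-file "prspool-" nil ".ps")))
    ;; Sanity check (assumption: POSIX file modes): the result must be
    ;; a regular file, not a symlink, with no group/other access bits.
    (when (or (file-symlink-p file)
              (not (file-regular-p file))
              (/= 0 (logand (file-modes file) #o077)))
      (delete-file file)
      (error "Temporary file %s is not private" file))
    file))

(defun my-call-with-ps-preview-file (ps-text function)
  "Write PS-TEXT to a private temp file, call FUNCTION on its name, delete it."
  (let ((file (my-ps-preview-file)))
    (unwind-protect
        (progn
          ;; The file already exists with our ownership and mode, so
          ;; filling it afterwards does not have to be atomic.
          (let ((coding-system-for-write 'no-conversion))
            (write-region ps-text nil file nil 'silent))
          (funcall function file))
      ;; Each call gets its own file name, so two users (or two
      ;; previews) never share a file; clean up when done.
      (when (file-exists-p file)
        (delete-file file)))))

;; Constructed sample input: a one-page PostScript document.
(my-call-with-ps-preview-file
 "%!PS\n/Courier findfont 12 scalefont setfont\n72 720 moveto (test) show showpage\n"
 (lambda (file)
   (message "%s mode=%o size=%d"
            file (file-modes file) (nth 7 (file-attributes file)))))
```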



