GNU bug report logs -
#10400
auto-save permissions race condition
Previous Next
Reported by: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Thu, 29 Dec 2011 20:59:01 UTC
Severity: normal
Tags: patch
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 10400 in the body.
You can then email your comments to 10400 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#10400; Package
emacs.
(Thu, 29 Dec 2011 20:59:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Paul Eggert <eggert <at> cs.ucla.edu>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Thu, 29 Dec 2011 20:59:01 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Tags: patch
This closes a minor security hole.
=== modified file 'src/ChangeLog'
--- src/ChangeLog 2011-12-28 07:55:49 +0000
+++ src/ChangeLog 2011-12-29 20:44:31 +0000
@@ -1,3 +1,15 @@
+2011-12-29 Paul Eggert <eggert <at> cs.ucla.edu>
+
+ emacs: fix an auto-save permissions race condition
+ * fileio.c (auto_saving_dir_umask): New static var.
+ (Fmake_directory_internal): Use it.
+ (do_auto_save_make_dir): Set it, instead of invoking chmod after
+ creating the directory. The old code temporarily assigns
+ too-generous permissions to the directory.
+ (do_auto_save_eh): Clear it.
+ (Fdo_auto_save): Catch all errors, not just file errors, so
+ that the var is always cleared.
+
2011-12-28 Kenichi Handa <handa <at> m17n.org>
* coding.c (Fdefine_coding_system_internal): Make an utf-8 base
=== modified file 'src/fileio.c'
--- src/fileio.c 2011-12-17 17:00:49 +0000
+++ src/fileio.c 2011-12-29 20:44:31 +0000
@@ -90,6 +90,9 @@
/* Nonzero during writing of auto-save files */
static int auto_saving;
+/* Nonzero umask during creation of auto-save directories */
+static int auto_saving_dir_umask;
+
/* Set by auto_save_1 to mode of original file so Fwrite_region will create
a new file with the same mode as the original */
static int auto_save_mode_bits;
@@ -2062,7 +2065,7 @@
#ifdef WINDOWSNT
if (mkdir (dir) != 0)
#else
- if (mkdir (dir, 0777) != 0)
+ if (mkdir (dir, 0777 & ~auto_saving_dir_umask) != 0)
#endif
report_file_error ("Creating directory", list1 (directory));
@@ -5205,16 +5208,18 @@
static Lisp_Object
do_auto_save_make_dir (Lisp_Object dir)
{
- Lisp_Object mode;
+ Lisp_Object result;
- call2 (Qmake_directory, dir, Qt);
- XSETFASTINT (mode, 0700);
- return Fset_file_modes (dir, mode);
+ auto_saving_dir_umask = 077;
+ result = call2 (Qmake_directory, dir, Qt);
+ auto_saving_dir_umask = 0;
+ return result;
}
static Lisp_Object
do_auto_save_eh (Lisp_Object ignore)
{
+ auto_saving_dir_umask = 0;
return Qnil;
}
@@ -5282,7 +5287,7 @@
dir = Ffile_name_directory (listfile);
if (NILP (Ffile_directory_p (dir)))
internal_condition_case_1 (do_auto_save_make_dir,
- dir, Fcons (Fcons (Qfile_error, Qnil), Qnil),
+ dir, Qt,
do_auto_save_eh);
UNGCPRO;
}
Reply sent
to
Paul Eggert <eggert <at> cs.ucla.edu>:
You have taken responsibility.
(Sat, 07 Jan 2012 20:07:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Paul Eggert <eggert <at> cs.ucla.edu>:
bug acknowledged by developer.
(Sat, 07 Jan 2012 20:07:02 GMT)
Full text and
rfc822 format available.
Message #10 received at 10400-done <at> debbugs.gnu.org (full text, mbox):
I installed this patch into the Emacs trunk as part of
bzr 106821 and am marking the bug as done.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Sun, 05 Feb 2012 12:24:03 GMT)
Full text and
rfc822 format available.
This bug report was last modified 12 years and 93 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.