discuss-gnustep
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNUstep introduces a serious security problem


From: Igor Pirnovar
Subject: Re: GNUstep introduces a serious security problem
Date: Tue, 17 Mar 2009 19:19:46 -0400

Hi Tim,

Let me add that the above security bridge is not only manifested when you set the {{ atomically: YES }} but also when you do not use this feature!

Torli

On Tue, 2009-03-17 at 19:18 -0400, Torli Birnbauer wrote:
On Tue, 2009-03-17 at 23:38 +0100, Tim Kack wrote:
Hi all,

Yes - I am not sure if this is intended behavior or not.
The file is created/written to like this:
1. Create a unique file
2. Write string to that file
3.Using glibc Rename function to rename the unique file to the old file. (NSData.m:1054)
4. Set the attributes on the new unique file
 
The docs for rename(const char *oldname, const char *newname) function says that:
"If oldname is not a directory, then any existing file named newname is removed during the naming operation."
I tried to figure out what is _intended_ to happen but I have not found anything so far.

I will open up a bug on Savannah.

// Tim

2009/3/17 Torli Birnbauer <gootobi@gmail.com>
I have just started to learn the GNUstep's development environment and I have in my very first program stumbled across a serious security problem in the way Objective-C handles IO. Obviously, Objective-C does not honour Unix file permissions. You can reproduce this problem on Unix/Linux systems by setting {{ chmod 000 /some/dir/your.data }}, and then run the example program in the GNUstep documentation page (Base Programming Manual/The Objective-C Language) under "2.8.5 Loading and Saving Strings" by setting the path to {{ /some/dir/your.data }}.

Torli

_______________________________________________
Discuss-gnustep mailing list
Discuss-gnustep@gnu.org
http://lists.gnu.org/mailman/listinfo/discuss-gnustep



reply via email to

[Prev in Thread] Current Thread [Next in Thread]