Re: Symlink attack vulnerability in auto-saving
From: Davis Herring
Subject: Re: Symlink attack vulnerability in auto-saving
Date: Mon, 10 Sep 2007 12:38:18 -0700 (PDT)
User-agent: SquirrelMail/1.4.8-6.el3.2lanl

> Following the recent discussion about symlinks and race-conditions in
> the thread "creating backups in temporary directories", I may have
> discovered a more severe vulnerability in auto-saving of files. If a
> file foobar exists, Emacs will write auto-save data to #foobar# and
> follow symlinks. That's rather bad if foobar is in a world-writable
> directory. :-(
Just to put the message on all threads, in case it's deemed the correct
answer, O_EXCL can work here, too, with the same trick of renaming an old
(non-malicious) auto-save file to reduce the amount of time that no useful
auto-save data is on disk.
Davis
--
This product is sold by volume, not by mass. If it appears too dense or
too sparse, it is because mass-energy conversion has occurred during
shipping.
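
The suggestion in the reply above, sketched in C as an added example that is not part of the original message and not Emacs's code: a previous auto-save file is moved aside only if it is the user's own regular file, and the new one is created with O_EXCL so that nothing planted at `#foobar#` is followed or truncated. The function names, the `.old` holding name and the demo paths under `/tmp` are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not Emacs's code: write auto-save data to `path`
   without following anything planted there. Returns 0, or -1 on refusal. */
int autosave_write(const char *path, const char *data, size_t len)
{
    char old[4096];
    struct stat st;
    int have_old = 0;
    snprintf(old, sizeof old, "%s.old", path);  /* assumed holding name */
    if (lstat(path, &st) == 0) {
        /* Keep a previous auto-save only if it is our own regular file. */
        if (!S_ISREG(st.st_mode) || st.st_uid != geteuid())
            return -1;
        if (rename(path, old) != 0)  /* old data stays on disk meanwhile */
            return -1;
        have_old = 1;
    }
    /* O_EXCL: fail if anything, even a dangling symlink, is at `path`. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;           /* previous data is still in `old` */
    ssize_t n = write(fd, data, len);
    if (close(fd) != 0 || n != (ssize_t)len) {
        unlink(path);
        return -1;
    }
    if (have_old) unlink(old);       /* new data is complete; drop the old */
    return 0;
}

/* Constructed scenario: returns 1 if a symlink planted at the auto-save
   name is refused and the file it points to keeps its 4 bytes. */
int demo_symlink_refused(void)
{
    char dir[] = "/tmp/autosaveXXXXXX", victim[64], as[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(as, sizeof as, "%s/#foobar#", dir);
    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "keep", 4) != 4 || close(fd) != 0) return -1;
    if (symlink(victim, as) != 0) return -1;
    return autosave_write(as, "draft", 5) == -1 && stat(victim, &st) == 0 && st.st_size == 4;
}
```

If the name is swapped between the `lstat` and the `rename`, the swapped-in entry is only moved aside and later unlinked; the `open` with O_EXCL still creates a fresh file or fails.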