Re: [Nano-devel] [PATCH] pull in the futimens module from gnulib
From: Benno Schulenberg
Subject: Re: [Nano-devel] [PATCH] pull in the futimens module from gnulib
Date: Mon, 03 Apr 2017 19:56:52 +0200
On Mon, Apr 3, 2017, at 08:29, Kamil Dudka wrote:
> On Sunday, April 02, 2017 18:01:47 Benno Schulenberg wrote:
> > How exactly does the use of futimens prevent a symlink attack?
>
> It changes timestamps on the file descriptor, instead of the file name.
Okay, so the real change is: to operate on a file descriptor instead of
on a filename -- something that only futimens() provides, not utime().
> So,
> if the attacker unlinks the backup file and creates a symlink with the same
> file name (while the file descriptor is opened), futimens() will still change
> timestamps on the backup file. Otherwise, utime() would change timestamps
> on the attacker-provided symlink's target.
I don't see how changing a timestamp on an arbitrary file could
become dangerous, but... okay, it should not be allowed.
Benno
--
http://www.fastmail.com - A fast, anti-spam email service.
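The race Kamil describes, as an added stand-alone example (not code from nano, gnulib or the patch under discussion): the "attacker" is simulated in the same process during the window between nano opening its backup file and stamping it. The file names, the temporary directory and the three fixed timestamps are assumptions made for the demonstration; utime() on the name follows the planted symlink and stamps the victim, while futimens() on the still-open descriptor only touches the inode that was actually opened.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>
#include <utime.h>

/* Three distinct, recognisable timestamps so we can tell who touched what (assumed values). */
static const time_t T_ORIGINAL = 1000000000;  /* set on both files before the "attack" */
static const time_t T_UTIME    = 1100000000;  /* what the vulnerable utime() path writes */
static const time_t T_FUTIMENS = 1200000000;  /* what the fixed futimens() path writes */

/* What each file's mtime looks like after each step of the simulation. */
struct race_result {
    time_t victim_after_utime;     /* victim's mtime after utime() on the backup *name* */
    time_t backup_after_futimens;  /* original backup inode's mtime after futimens() on the fd */
    time_t victim_after_futimens;  /* victim's mtime after futimens() on the fd */
};

static int mtime_of_path(const char *path, time_t *out) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;   /* stat() follows symlinks, just like utime() */
    *out = st.st_mtime;
    return 0;
}

static int mtime_of_fd(int fd, time_t *out) {
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    *out = st.st_mtime;
    return 0;
}

/* Vulnerable: the timestamp is set through the path name, so a symlink planted there is followed. */
static int set_mtime_by_name(const char *path, time_t t) {
    struct utimbuf ub = { .actime = t, .modtime = t };
    return utime(path, &ub);
}

/* Fixed: the timestamp is set through the descriptor, which is bound to the inode we opened. */
static int set_mtime_by_fd(int fd, time_t t) {
    struct timespec ts[2] = { { t, 0 }, { t, 0 } };  /* [0] = atime, [1] = mtime */
    return futimens(fd, ts);
}

/* Runs the whole simulation in a fresh temporary directory; returns 0 on success. */
int run_race_demo(struct race_result *r) {
    const char *tmp = getenv("TMPDIR");
    char dir[PATH_MAX], backup[PATH_MAX], victim[PATH_MAX];
    int fd = -1, vfd, rc = -1;

    snprintf(dir, sizeof dir, "%s/futimens_demo.XXXXXX", tmp ? tmp : "/tmp");
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(backup, sizeof backup, "%s/backup", dir);   /* the name nano would use (assumed) */
    snprintf(victim, sizeof victim, "%s/victim", dir);   /* the file the attacker wants stamped */

    vfd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (vfd < 0) goto cleanup_dir;
    close(vfd);
    if (set_mtime_by_name(victim, T_ORIGINAL) != 0) goto cleanup_victim;

    /* nano creates its backup file and keeps the descriptor open... */
    fd = open(backup, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) goto cleanup_victim;
    if (set_mtime_by_fd(fd, T_ORIGINAL) != 0) goto cleanup_fd;

    /* ...and in that window the attacker replaces the name with a symlink to the victim. */
    if (unlink(backup) != 0) goto cleanup_fd;
    if (symlink(victim, backup) != 0) goto cleanup_fd;

    /* Vulnerable path: utime() resolves the name, follows the symlink, and stamps the victim. */
    if (set_mtime_by_name(backup, T_UTIME) != 0) goto cleanup_fd;
    if (mtime_of_path(victim, &r->victim_after_utime) != 0) goto cleanup_fd;

    /* Fixed path: futimens() acts on the inode behind fd; the victim is left alone. */
    if (set_mtime_by_fd(fd, T_FUTIMENS) != 0) goto cleanup_fd;
    if (mtime_of_fd(fd, &r->backup_after_futimens) != 0) goto cleanup_fd;
    if (mtime_of_path(victim, &r->victim_after_futimens) != 0) goto cleanup_fd;
    rc = 0;

cleanup_fd:
    close(fd);
    unlink(backup);          /* removes the attacker's symlink, not the victim */
cleanup_victim:
    unlink(victim);
cleanup_dir:
    rmdir(dir);
    return rc;
}

int main(void) {
    struct race_result r;
    if (run_race_demo(&r) != 0) { perror("run_race_demo"); return 1; }
    printf("victim mtime after utime(name):   %ld (%s)\n", (long)r.victim_after_utime,
           r.victim_after_utime == T_UTIME ? "stamped via planted symlink" : "unchanged");
    printf("backup mtime after futimens(fd):  %ld\n", (long)r.backup_after_futimens);
    printf("victim mtime after futimens(fd):  %ld (%s)\n", (long)r.victim_after_futimens,
           r.victim_after_futimens == T_UTIME ? "untouched by futimens" : "changed");
    return 0;
}
```

The point to check in a real program is that the descriptor used for futimens() is the one returned by the open() that created the backup, and that no later operation on the backup goes through its path name again; any call that resolves the name (utime(), chmod(), chown(), a second open()) reopens the same window.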