[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/3] vhost-user-blk-test: fix Coverity mkstemp(2) umask warni
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [PATCH 2/3] vhost-user-blk-test: fix Coverity mkstemp(2) umask warning |
|
Date: |
Tue, 1 Jun 2021 16:36:12 +0100 |
On Sun, May 30, 2021 at 08:01:21PM +0100, Peter Maydell wrote:
> On Wed, 26 May 2021 at 10:14, Stefan Hajnoczi <stefanha@redhat.com> wrote:
> >
> > The Linux man page for mkstemp(3) states:
> >
> > In glibc versions 2.06 and earlier, the file is created with
> > permissions 0666, that is, read and write for all users. This old
> > behavior may be a security risk, especially since other UNIX flavors
> > use 0600, and somebody might overlook this detail when porting
> > programs. POSIX.1-2008 adds a requirement that the file be created
> > with mode 0600.
> >
> > More generally, the POSIX specification of mkstemp() does not say
> > anything about file modes, so the application should make sure its
> > file mode creation mask (see umask(2)) is set appropriately before
> > calling mkstemp() (and mkostemp()).
> >
> > glibc 2.0.6 was released in 1997 and POSIX caught up in 2008. macOS and
> > FreeBSD also use POSIX-compliant 0600 permissions.
> >
> > At this point the Coverity warning seems archaic and no longer useful,
> > but go ahead and silence it.
>
> We had a lot of these on other uses of mkstemp() in tests/ -- I
> have been simply marking them as false-positive on the same grounds
> that you cite above. I would suggest we do the same here rather
> than having this one test do something different with mkstemp().
>
> (If we really wanted to handle ancient glibc, we should do that
> by having a qemu_mkstemp() or something. But it doesn't seem
> worthwhile...)
Sounds good. I have updated Coverity.
Stefan
signature.asc
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH 2/3] vhost-user-blk-test: fix Coverity mkstemp(2) umask warning,
Stefan Hajnoczi <=