Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 20 Nov 2012 10:59:12 -0500
From:      Eitan Adler <eadler@freebsd.org>
To:        Baptiste Daroussin <bapt@freebsd.org>
Cc:        svn-src-head@freebsd.org, Jaakko Heinonen <jh@freebsd.org>, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r243328 - head/lib/libutil
Message-ID:  <CAF6rxgm0sAUS4fKuwiSij-b1BfoeqpMcCxN4FaF1T8BXG-AXkQ@mail.gmail.com>
In-Reply-To: <20121120133837.GK71195@ithaqua.etoilebsd.net>
References:  <201211200722.qAK7M7Im057617@svn.freebsd.org> <20121120122226.GA1828@a91-153-116-96.elisa-laajakaista.fi> <20121120133837.GK71195@ithaqua.etoilebsd.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 20 November 2012 08:38, Baptiste Daroussin <bapt@freebsd.org> wrote:
> On Tue, Nov 20, 2012 at 02:22:26PM +0200, Jaakko Heinonen wrote:
>>
>> Hi!
>>
>> On 2012-11-20, Baptiste Daroussin wrote:
>> >   change mode the group file to 0644 after a successfull rename(2)
>> >
>> >  int
>> >  gr_mkdb(void)
>> >  {
>> > -   return (rename(tempname, group_file));
>> > +   int ret;
>> > +
>> > +   ret = rename(tempname, group_file);
>> > +
>> > +   if (ret == 0)
>> > +           chmod(group_file, 0644);
>> > +
>> > +   return (ret);
>> >  }
>>
>> Rename+chmod is not an atomic operation. There is a window when the file
>> has wrong permissions. Also, you don't check the return value of
>> chmod(). Maybe chmod first and then rename?
>>
>> --
>> Jaakko
>
> Does this looks better to you?
> http://people.freebsd.org/~bapt/gr_util.diff

This makes more sense.



-- 
Eitan Adler
Source, Ports, Doc committer
Bugmeister, Ports Security teams



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgm0sAUS4fKuwiSij-b1BfoeqpMcCxN4FaF1T8BXG-AXkQ>