GNU bug report logs - #6953
24.0.50; serious security bug in create backup files


Package: emacs

Reported by: Mark Diekhans <markd <at> soe.ucsc.edu>

Date: Tue, 31 Aug 2010 06:13:02 UTC

Severity: important

Found in version 24.0.50

Done: Chong Yidong <cyd <at> stupidchicken.com>

Bug is archived. No further changes may be made.



Message #20 received at 6953 <at> debbugs.gnu.org (full text, mbox):

From: Mark Diekhans <markd <at> soe.ucsc.edu>
To: Glenn Morris <rgm <at> gnu.org>
Cc: 6953 <at> debbugs.gnu.org
Subject: Re: bug#6953: 24.0.50; serious security bug in create backup files
Date: Thu, 2 Sep 2010 09:33:36 -0700

Ah, this is because copy-file (in fileio.c) does
      fchmod (ofd, st.st_mode & 07777);

It seems like copy-file needs an option to disable this.

The behavior of backup-buffer-copy where it keeps the existing
file would also be a hole.

mark <sigh>

Glenn Morris <rgm <at> gnu.org> writes:
> markd <at> soe.ucsc.edu wrote:
> 
> > Oh, wait, it doesn't look like there is a problem with your patch,
> > only the comment ;-)   backup-buffer-copy says:
> >
> > 	  ;; Create temp files with strict access rights.  It's easy to
> > 	  ;; loosen them later, whereas it's impossible to close the
> > 	  ;; time-window of loose permissions otherwise.
> 
> I don't know what this comment means. There are no "temp files" AFAICS
> (unless copy-file creates some internally). I think this comment may
> be a leftover from when this code used write-region rather than
> copy-file. Indeed the whole mode-changing bit may be as well. C-h f
> copy-file says: "This function always sets the file modes of the
> output file to match the input file."
> 
> Eg:
> 
> touch ~/1
> chmod 644 ~/1
> (set-default-file-modes ?\700)
> (copy-file "~/1" "~/2" t t t)
> ls -l ~/2  # -> world readable
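
The behaviour discussed in the message above, as an added C example that is not part of the original thread and not Emacs code: a copy routine that repeats the quoted `fchmod (ofd, st.st_mode & 07777)` beside a variant that leaves the destination with the mode `open()` and the umask gave it. The function names, the `preserve_mode` switch and the temporary paths are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* preserve_mode is a hypothetical switch, not an Emacs parameter: nonzero
   repeats the fchmod quoted from fileio.c, zero keeps the mode that open()
   and the umask produced. Returns dst's permission bits, or -1 on error. */
static int copy_with_mode_policy(const char *src, const char *dst, int preserve_mode)
{
    struct stat st;
    char buf[4096];
    ssize_t n = -1;
    int ifd = open(src, O_RDONLY);
    int ofd = ifd < 0 ? -1 : open(dst, O_WRONLY | O_CREAT | O_TRUNC, 0666);
    int ok = ifd >= 0 && ofd >= 0 && fstat(ifd, &st) == 0;
    while (ok && (n = read(ifd, buf, sizeof buf)) > 0)
        ok = write(ofd, buf, (size_t)n) == n;
    ok = ok && n == 0;                       /* read must end at EOF, not on error */
    if (ok && preserve_mode)
        ok = fchmod(ofd, st.st_mode & 07777) == 0;   /* overrides the umask */
    ok = ok && fstat(ofd, &st) == 0;
    if (ifd >= 0) close(ifd);
    if (ofd >= 0) close(ofd);
    return ok ? (int)(st.st_mode & 07777) : -1;
}

/* Constructed scenario mirroring the quoted session: source mode 0644,
   umask 077 (what set-default-file-modes ?\700 asks for). */
static int demo(int preserve_mode)
{
    char dir[] = "/tmp/bug6953-XXXXXX", src[64], dst[64];
    int mode = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(src, sizeof src, "%s/1", dir);
    snprintf(dst, sizeof dst, "%s/2", dir);
    mode_t old = umask(077);
    int fd = open(src, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 && fchmod(fd, 0644) == 0 && close(fd) == 0)
        mode = copy_with_mode_policy(src, dst, preserve_mode);
    umask(old);
    unlink(src); unlink(dst); rmdir(dir);
    return mode;
}

int main(void)
{
    printf("with fchmod: %04o\nwithout: %04o\n", (unsigned)demo(1), (unsigned)demo(0));
}
```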




This bug report was last modified 14 years and 204 days ago.
