Small security patch for KTempFile
Ian Reinhart Geiser
geiseri at sourcextreme.com
Wed Sep 8 13:40:59 BST 2004
Oswald Buddenhagen said:
> On Tue, Sep 07, 2004 at 11:56:10PM -0400, Ian Reinhart Geiser wrote:
>> Basically it changes chown() to fchown() so the ownership operations are
>> done on the fd vs the filename.
>>
> that's pretty much pointless, as you have a race between creating the
> directory and changing/using it anyway. some things just have to be
> trusted ...
Isn't this the definition of a race condition? The idea is that under
heavy system load (i.e. an attack) one can manipulate a file out from under
a user. Granted, I think this might be a moot point when using KIO since
most people don't use the actual file handle, just the name generated by
KTempFile.
While not an obvious security hole, I don't see a problem with using a
safer method where we can.
Cheers
-ian reinhart geiser
--
+-Ian Reinhart Geiser geiseri at sourcextreme.com
+-Vice President of Engineering
+-http://www.sourcextreme.com
+-It's not that we don't make mistakes, we just don't keep them around.
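
The chown()-to-fchown() change discussed in this thread, as an added example that is not part of the original message or of the KTempFile patch: it shows that an ownership call made on the descriptor stays with the file that was created even after the name refers to a different inode. The function name `fchown_follows_fd` and the `/tmp/fchown-demo-XXXXXX` path are assumptions made for the illustration, and the process rebinds its own file name as a stand-in for the race window.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if fchown() changed the file we created even though its name
 * was rebound to a different inode first; 0 if not; -1 on setup error. */
int fchown_follows_fd(void)
{
    char path[] = "/tmp/fchown-demo-XXXXXX";  /* constructed sample path */
    char moved[sizeof(path) + 8];
    struct stat by_fd, by_path, by_moved;
    int other = -1, result = -1;

    int fd = mkstemp(path);                   /* created O_EXCL, mode 0600 */
    if (fd < 0)
        return -1;
    snprintf(moved, sizeof(moved), "%s.moved", path);

    /* Stand-in for the race window: the name now points at another file. */
    if (rename(path, moved) != 0)
        goto out;
    other = open(path, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (other < 0)
        goto out;

    /* fd-based call: acts on the inode behind fd, with no path lookup. */
    if (fchown(fd, geteuid(), (gid_t)-1) != 0)
        goto out;
    if (fstat(fd, &by_fd) || stat(path, &by_path) || stat(moved, &by_moved))
        goto out;

    /* chown(path, ...) would have resolved to by_path's inode instead. */
    result = by_fd.st_ino == by_moved.st_ino && by_fd.st_ino != by_path.st_ino;
out:
    if (other >= 0)
        close(other);
    close(fd);
    unlink(path);
    unlink(moved);
    return result;
}

int main(void)
{
    printf("fchown stayed on original file: %d\n", fchown_follows_fd());
    return 0;
}
```

This covers only the descriptor-versus-name point; code that later reopens the file by the generated name performs a fresh path lookup and does not get this guarantee.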