KDE linuxisms may confuse CIFS and will cause trouble on Windows

David Faure faure at kde.org
Fri Jan 5 15:28:58 GMT 2007


On Thursday 04 January 2007 23:39, Thiago Macieira wrote:
> Jaison Lee wrote:
> >Wow. That sucks. This is like a standard practice on Linux. A lot of
> >code uses (Q/K)TemporaryFile to generate a name and then passes that
> >filename to someplace else. Not a problem so long as the original
> >handle stays open until the new file is created. If you remove the
> >temporary file and then create a new file afterwards it leaves a
> >window open whereby (I believe) certain security attacks can be made.
> >Everything just gets messy.
> 
> That's when you use QTemporaryFile to create a temporary non-file (a dir, 
> a symlink, whatever).

No it's also when you use {Q|K}TemporaryFile to pass a temp filename to some 
other piece of code which takes a filename, like in KParts::ReadOnlyPart::openUrl():

    KTemporaryFile tempFile;
    tempFile.setSuffix(extension);
    tempFile.setAutoRemove(false);
    tempFile.open();
    m_file = tempFile.fileName();

    KUrl destURL;
    destURL.setPath( m_file );
    d->m_job = KIO::file_copy( m_url, destURL, 0600, true, false, d->m_showProgressInfo );

Because of the open() call, there is no symlink attack possible.
On the other hand, there are no symlinks at all on CIFS or Windows anyway :-)

AFAICS the Qt4 QTemporaryFile documentation only mentions using it as a QFile,
it doesn't really say what happens if using the filename (e.g. to copy a file there)
while the file is open.

-- 
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).




More information about the kde-core-devel mailing list