KDE linuxisms may confuse CIFS and will cause trouble on Windows
David Faure
faure at kde.org
Fri Jan 5 15:28:58 GMT 2007
On Thursday 04 January 2007 23:39, Thiago Macieira wrote:
> Jaison Lee wrote:
> >Wow. That sucks. This is like a standard practice on Linux. A lot of
> >code uses (Q/K)TemporaryFile to generate a name and then passes that
> >filename to someplace else. Not a problem so long as the original
> >handle stays open until the new file is created. If you remove the
> >temporary file and then create a new file afterwards it leaves a
> >window open whereby (I believe) certain security attacks can be made.
> >Everything just gets messy.
>
> That's when you use QTemporaryFile to create a temporary non-file (a dir,
> a symlink, whatever).
No it's also when you use {Q|K}TemporaryFile to pass a temp filename to some
other piece of code which takes a filename, like in KParts::ReadOnlyPart::openUrl():
KTemporaryFile tempFile;
tempFile.setSuffix(extension);
tempFile.setAutoRemove(false);
tempFile.open();
m_file = tempFile.fileName();
KUrl destURL;
destURL.setPath( m_file );
d->m_job = KIO::file_copy( m_url, destURL, 0600, true, false, d->m_showProgressInfo );
Because of the open() call, there is no symlink attack possible.
On the other hand, there are no symlinks at all on CIFS or Windows anyway :-)
AFAICS the Qt4 QTemporaryFile documentation only mentions using it as a QFile,
it doesn't really say what happens if using the filename (e.g. to copy a file there)
while the file is open.
--
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
More information about the kde-core-devel
mailing list