unsecure file creation
Dirk Mueller
mueller at kde.org
Thu Jun 19 16:15:06 UTC 2003
Hi,
commit 1.3 to kdevelop/lib/cppparser/driver.cpp introduced this code:
+ if( m_generatePreprocessedOutput ){
+ QDir::home().mkdir( "/tmp/i" );
+ QFile f( QString::fromLatin1("/tmp/i/") + fileInfo.baseName() +
".i" );
+ f.open( IO_WriteOnly );
+ QTextStream out( &f );
+
This code creates files in a possibly world writeable directory in an
unsecure manner (It does not check if /tmp/i does not exist already and it
does not check that the permissions are 0700). It is therefore vulnerable to
a symlink attack.
For ways to securely create files, have a look at KSaveFile, which is a
class in kdecore.
Please fix it ASAP, thanks.
--
Dirk
More information about the KDevelop-devel
mailing list