Re: The open() system call in f8 really broken...

On Thu, Aug 16, 2007 at 11:16:54AM -0400, Steve Dickson wrote:
> Oliver Falk wrote:
> >Most developers I know, don't worry about >warnings<, but do if their
> >code aborts. If a developer then doesn't worry about the real (security)
> >problem, but only about the abort itself and just workaround that - it's
> >simply a fault... The other option? stderr "FIX YOUR OPEN :-P"; sleep
> >600. :-)
> >
> >If you compile the whole Fedora tree, how many warnings will you see?
> >How many warnings are about 'better use mkstemp' - for security
> >reasons... If you don't abort you'll not catch the developers
> >attention... It's too bad, but true... Don't want to step on dev's toes
> >of course - it's for sure not true for *all* developers!
> I was talking about runtime warnings... Really nasty looking messages
> so they couldn't be ignored...

Even a runtime warning is the wrong thing to do; aborting immediately is the
only sane thing.
If you let it through, it can create a file with random mode.  Say if a root
process creates a file with 4777 perms, do you really want to risk that
while that process is scheduled away somebody copies a shell into that file
and runs it?

	Jakub

--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers

--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
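
The "random mode" above arises when open() is called with O_CREAT but without its third (mode) argument. The following is an added example, not code from this thread or from glibc: it shows the defensive counterpart, creating a file with an explicit mode and verifying the resulting permission bits on the descriptor. The helper names `mode_is_unsafe` and `create_private_file` and the /tmp location are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Bits a freshly created private file must never carry:
 * setuid, setgid, and any group/other access. */
#define UNSAFE_MODE_BITS (S_ISUID | S_ISGID | S_IRWXG | S_IRWXO)

/* Hypothetical helper: 1 if the mode has any unsafe bit, else 0. */
int mode_is_unsafe(mode_t mode)
{
    return (mode & UNSAFE_MODE_BITS) != 0;
}

/* Hypothetical helper: create `path` with an explicit 0600 mode and verify
 * the result on the descriptor. Returns the fd, or -1 on failure. */
int create_private_file(const char *path)
{
    struct stat st;
    /* O_CREAT always gets its mode argument. O_EXCL refuses an existing
     * file; O_NOFOLLOW refuses a symlink as the last path component. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW,
                  S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;
    /* fstat() inspects the object actually opened, not the path. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        mode_is_unsafe(st.st_mode)) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char dir[] = "/tmp/openmode.XXXXXX";   /* constructed sample location */
    char path[64];
    if (mkdtemp(dir) == NULL) return 1;
    snprintf(path, sizeof path, "%s/private", dir);
    int fd = create_private_file(path);
    printf("4777 unsafe: %d, created ok: %d\n", mode_is_unsafe(04777), fd >= 0);
    if (fd >= 0) { close(fd); unlink(path); }
    rmdir(dir);
    return fd >= 0 ? 0 : 1;
}
```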
