Re: [patch]: mmapping FontConfig data structures (fwd)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




--behdad
http://behdad.org/

---------- Forwarded message ----------
Date: Fri, 10 Jun 2005 12:42:38 -0400
From: Patrick Lam <plam@xxxxxxx>
To:	Behdad Esfahbod <behdad>
Subject: Re: Re: [patch]: mmapping FontConfig data structures

Behdad Esfahbod wrote:
> You better use O_EXCL anyway.  Just in case two copies of fc-mmap
> happen to run in parallel, or something.

Done.

> How is fc-mmap supposed to be called BTW?  Why not dump the cache
> in the library if it doesn't exist?

Just run fc-mmap/fc-mmap (it has a few options, but you don't need any
to successfully run.)  What do you mean by the library?

> I don't know the code myself. And have not tested. Try manually making a
> symlink from the name of your file to be created and have it point to
> another existing file ... and see what your code does to it. (Imagine
> someone malicious making a symlink pointing to your password database and
> waiting for someone to run this routine as root to cause a simple denial
> of service.)

Here's what I do now:

    unlink (FcMmapFilename());
    fd = open(FcMmapFilename(), O_RDWR | O_CREAT | O_TRUNC | O_EXCL, 0600);
    if (fd == -1)
        return FcFalse;

Is that sufficient?

What I meant by 'just hanging around' was that someone could modify the
file and cause arbitrary stuff to be read into memory; taking a CRC
would prevent that.  If the CRC is not useful, then I won't take it.

pat


[Index of Archives]     [Fedora Fonts]     [Fedora Users]     [Fedora Cloud]     [Kernel]     [Fedora Packaging]     [Fedora Desktop]     [PAM]     [Gimp Graphics Editor]     [Yosemite News]

  Powered by Linux