From: "Mickaël Salaün" <mic@digikod.net>
To: Richard Weinberger <richard@nod.at>, linux-kernel@vger.kernel.org
Cc: Jeff Dike <jdike@addtoit.com>,
Tristan Schmelcher <tschmelcher@google.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
user-mode-linux-devel@lists.sourceforge.net,
user-mode-linux-user@lists.sourceforge.net
Subject: Re: [PATCH 1/2] um: Set secure access mode for temporary file
Date: Sat, 28 Nov 2015 23:52:37 +0100 [thread overview]
Message-ID: <565A3035.6030104@digikod.net> (raw)
In-Reply-To: <565A1F49.3040408@nod.at>
[-- Attachment #1: Type: text/plain, Size: 644 bytes --]
On 28/11/2015 22:40, Richard Weinberger wrote:
> Am 28.11.2015 um 22:32 schrieb Mickaël Salaün:
>> Replace the default insecure mode 0777 with 0700 for temporary file.
>>
>> Prohibit other users to change the executable mapped code.
>
> Hmm, isn't the tmp file already unlinked at this stage?
>
Yes, but if someone could open it before the unlink e.g. because of the umask (which does not seems to be the case thanks to mkstemp, but remains unspecified [1]), this user should then be able to have write access to the file descriptor/description.
Mickaël
1. http://man7.org/linux/man-pages/man3/mkstemp.3.html#NOTES
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
next prev parent reply other threads:[~2015-11-28 22:52 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-28 21:32 [PATCH 0/2] um: Protect memory mapped file Mickaël Salaün
2015-11-28 21:32 ` Mickaël Salaün
2015-11-28 21:32 ` [PATCH 1/2] um: Set secure access mode for temporary file Mickaël Salaün
2015-11-28 21:32 ` Mickaël Salaün
2015-11-28 21:40 ` [uml-devel] " Richard Weinberger
2015-11-28 21:40 ` Richard Weinberger
2015-11-28 22:52 ` Mickaël Salaün [this message]
2015-11-28 22:55 ` Richard Weinberger
2015-11-28 22:55 ` Richard Weinberger
2015-11-28 23:00 ` Mickaël Salaün
2015-11-28 23:11 ` Richard Weinberger
2015-11-28 23:11 ` Richard Weinberger
2015-11-28 21:32 ` [PATCH 2/2] um: Use race-free temporary file creation Mickaël Salaün
2015-11-28 21:32 ` Mickaël Salaün
2015-11-28 22:07 ` [uml-devel] " Richard Weinberger
2015-11-28 22:07 ` Richard Weinberger
2015-11-28 22:56 ` Mickaël Salaün
2015-11-28 22:59 ` Richard Weinberger
2015-11-28 22:59 ` Richard Weinberger
2015-11-28 23:02 ` Mickaël Salaün
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=565A3035.6030104@digikod.net \
--to=mic@digikod.net \
--cc=gregkh@linuxfoundation.org \
--cc=jdike@addtoit.com \
--cc=linux-kernel@vger.kernel.org \
--cc=richard@nod.at \
--cc=tschmelcher@google.com \
--cc=user-mode-linux-devel@lists.sourceforge.net \
--cc=user-mode-linux-user@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.