To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=62858
------- Additional comments from [EMAIL PROTECTED] Wed Mar 8 04:45:10 -0800 2006 ------- Hi pmladek, Joost, Actually, I do agree with pmladek that we should always apply a "secure by default" strategy. While it is true that the users 'umask' is indeed applied (by 'mkdir(2)', see 'man -S 2 mkdir' on Linux), this is not "secure by default". Regardless of the users 'umask', the OOo 'user directory' is a *user* specific directory (where user private data may be stored), so that the creator of that directory should indeed specify mode 700 (instead of 777, and relying on an appropriate umask). While the proposed patch would indeed work (and I agree that it is apparently the only quick change), I don't like it as it is. The proposed patch has an inherent race condition: a 'chmod()' done some time after 'mkdir()' would leave time for possibly bad things to happen. As 'mkdir(path, mode)' already provides the right API to do the right thing, the osl_createDirectory() (resp. osl::Directory::create()) API should probably be extended to allow for the secure creation of the user directory (tree). Again, it is less important how probable an exploit would be, than to be "secure by default". Matthias --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
