There is a small filesystem race window between the stat checks for the Busybox config file and opening of the file. Although this window is very small, and the file must be called /etc/busybox, the code is written to be paranoid. Be completely paranoid and eliminate the race by opening the file and doing the stat checks on the file descriptor.
Signed-off-by: Ryan Mallon <[email protected]> --- libbb/appletlib.c | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/libbb/appletlib.c b/libbb/appletlib.c index 8f3a8a1..729be85 100644 --- a/libbb/appletlib.c +++ b/libbb/appletlib.c @@ -286,12 +286,16 @@ static void parse_config_file(void) if (ruid == 0) /* run by root - don't need to even read config file */ return; - if ((stat(config_file, &st) != 0) /* No config file? */ + f = fopen_for_read(config_file); + if (!f) + return; + + if ((fstat(fileno(f), &st) != 0) /* Cannot stat? */ || !S_ISREG(st.st_mode) /* Not a regular file? */ || (st.st_uid != 0) /* Not owned by root? */ || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */ - || !(f = fopen_for_read(config_file)) /* Cannot open? */ ) { + fclose(f); return; } -- 1.7.1 _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
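Review bot: in parse_config_file(), fopen_for_read(config_file) now runs before the S_ISREG(st.st_mode) test, so the open happens on whatever object is at that path. If that object is a FIFO, a blocking open for read waits for a writer and fstat() is never reached. Assuming fopen_for_read() is a plain blocking open, consider calling open() with O_NONBLOCK and O_NOCTTY, running the fstat() checks on that descriptor, and only then wrapping it with fdopen(). Separately, the new `if (!f) return;` dropped the old "No config file?" comment. A short comment there would keep each check annotated like the rest of the condition.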
