discomfitor pushed a commit to branch enlightenment-0.20. http://git.enlightenment.org/core/enlightenment.git/commit/?id=2e819fef1762570fa3b33ffe84731c4fb1e0b49a
commit 2e819fef1762570fa3b33ffe84731c4fb1e0b49a Author: Mike Blumenkrantz <zm...@osg.samsung.com> Date: Mon Feb 29 10:35:26 2016 -0500 simplify ipc socket creation in trying to be extra secure here, a security hole is created due to time between mkdir and stat calls CID 1039781 --- src/bin/e_ipc.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/bin/e_ipc.c b/src/bin/e_ipc.c index 1ffb336..6058a3c 100644 --- a/src/bin/e_ipc.c +++ b/src/bin/e_ipc.c @@ -77,13 +77,7 @@ e_ipc_init(void) { snprintf(buf, sizeof(buf), "%s/e-%s@%x", base, user, id1); - if (mkdir(buf, S_IRWXU) < 0) - goto retry; - if (stat(buf, &st) < 0) - goto retry; - if ((st.st_uid == getuid()) && - ((st.st_mode & (S_IFDIR | S_IRWXU | S_IRWXG | S_IRWXO)) == - (S_IRWXU | S_IFDIR))) + if (!mkdir(buf, S_IRWXU)) { #ifdef USE_IPC snprintf(buf3, sizeof(buf3), "%s/%i", @@ -97,7 +91,6 @@ e_ipc_init(void) break; } } -retry: id1 = rand(); } #ifdef USE_IPC --