[Monetdb-bugs] [ monetdb-Bugs-1837764 ] gdk: umask(0000); kind of bad for security

Sat, 01 Dec 2007 07:08:30 -0800 

Bugs item #1837764, was opened at 2007-11-24 21:08
Message generated for change (Comment added) made by nielsnes
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=482468&aid=1837764&group_id=56967

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core
Group: MonetDB Common 1.20
>Status: Closed
>Resolution: Fixed
Priority: 1
Private: No
Submitted By: Fabian (mr-meltdown)
>Assigned to: Niels Nes (nielsnes)
Summary: gdk: umask(0000); kind of bad for security

Initial Comment:
common/src/gdk/gdk_utils.mx:1639

    umask(0000);

This effectively means that the umask from the parent (caller) is ignored, 
which is IMHO not desirable.

I don't see why the umask has to be tampered with to create the gdk lock.

----------------------------------------------------------------------

>Comment By: Niels Nes (nielsnes)
Date: 2007-12-01 15:08

Message:
Logged In: YES 
user_id=43556
Originator: NO

checked the open calls, these now use mode 0666. We don't reset the umask
anymore. 

----------------------------------------------------------------------

Comment By: Fabian (mr-meltdown)
Date: 2007-11-28 12:09

Message:
Logged In: YES 
user_id=963970
Originator: YES

Added a workaround for Merovingian.

----------------------------------------------------------------------

Comment By: Fabian (mr-meltdown)
Date: 2007-11-24 21:13

Message:
Logged In: YES 
user_id=963970
Originator: YES

gdk_posix.mx in MT_lockf creates the lockfile with explicit file mask 662
by the way...

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=482468&aid=1837764&group_id=56967

-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell.  From the desktop to the data center, Linux is going
mainstream.  Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Monetdb-bugs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/monetdb-bugs

Reply via email to