Re: [PATCHES] [HACKERS] Possible make_oidjoins_check Security Issue

Wed, 03 Nov 2004 14:57:25 -0800 

Tom Lane wrote:
> Bruce Momjian <[EMAIL PROTECTED]> writes:
> > I believe the proper way to handle this is a new directory under /tmp. 
> 
> It's definitely not worth the trouble.  I looked at what configure does
> to make /tmp subdirectories portably, and it is spectacularly ugly
> (not to mention long).  If make_oidjoins_check were a user-facing tool
> that would be one thing, but it isn't ...

>From a public relations perspective and a code reuse perspective I think
we should create temporary tables securely.  The attached applied patch
fixes contrib/findoidjoins/make_oidjoins_check.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

Index: contrib/findoidjoins/make_oidjoins_check
===================================================================
RCS file: /cvsroot/pgsql/contrib/findoidjoins/make_oidjoins_check,v
retrieving revision 1.5
diff -c -c -r1.5 make_oidjoins_check
*** contrib/findoidjoins/make_oidjoins_check    20 Oct 2004 16:42:46 -0000      1.5
--- contrib/findoidjoins/make_oidjoins_check    3 Nov 2004 22:42:06 -0000
***************
*** 10,21 ****
  # Caution: you may need to use GNU awk.
  AWK=${AWK:-awk}
  
! INPUTFILE="tmp$$a"
! DUPSFILE="tmp$$b"
! NONDUPSFILE="tmp$$c"
! rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE
  
! trap "rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE" 0 1 2 3 15
  
  # Read input
  cat "$@" >$INPUTFILE
--- 10,32 ----
  # Caution: you may need to use GNU awk.
  AWK=${AWK:-awk}
  
! TMP="/tmp/$$"
! trap "rm -rf $TMP" 0 1 2 3 15
  
! # Create a temporary directory with the proper permissions so no one can
! # intercept our temporary files and cause a security breach.
! OMASK="`umask`"
! umask 077
! if ! mkdir $TMP
! then  echo "Can't create temporary directory $TMP." 1>&2
!       exit 1
! fi
! umask "$OMASK"
! unset OMASK
! 
! INPUTFILE="$TMP/a"
! DUPSFILE="$TMP/b"
! NONDUPSFILE="$TMP/c"
  
  # Read input
  cat "$@" >$INPUTFILE

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

               http://www.postgresql.org/docs/faqs/FAQ.html

Reply via email to