On 08/12/2015 22:45, Richard Weinberger wrote:
> Am 08.12.2015 um 21:37 schrieb Tristan Schmelcher:
>> On 6 December 2015 at 09:43, Mickaël Salaün wrote:
>>> Well, I'm concerned to use umask because it is not thread-safe and drivers
>>> may use create_mem_file() in a multi-threaded context.
>>
>>
Am 08.12.2015 um 21:37 schrieb Tristan Schmelcher:
> On 6 December 2015 at 09:43, Mickaël Salaün wrote:
>> Well, I'm concerned to use umask because it is not thread-safe and drivers
>> may use create_mem_file() in a multi-threaded context.
>
> You are right. We should perhaps set the umask to 070
On 6 December 2015 at 09:43, Mickaël Salaün wrote:
> Well, I'm concerned to use umask because it is not thread-safe and drivers
> may use create_mem_file() in a multi-threaded context.
You are right. We should perhaps set the umask to 0700 permanently
during process start. But I am not sure if th
On 06/12/2015 12:32, Mickaël Salaün wrote:
> On 04/12/2015 18:13, Tristan Schmelcher wrote:
>> If there is a concern that the mkstemp implementation may be insecure,
>> why not set and restore the umask?
>>
>
> I will add this safeguard.
Well, I'm concerned to use umask because it is not thread-s
On 04/12/2015 18:13, Tristan Schmelcher wrote:
> File permissions are checked at time of open, so I think this fchmod
> call has never had any effect.
Indeed, mmap doesn't require the file to be executable, only readable and
writable. The fchmod seems to be a guarantee for these permissions but I
On 06/12/2015 12:32, Mickaël Salaün wrote:
> On 04/12/2015 18:13, Tristan Schmelcher wrote:
>> File permissions are checked at time of open, so I think this fchmod
>> call has never had any effect.
>
> Indeed, mmap doesn't require the file to be executable, only readable and
> writable. The fchmo
File permissions are checked at time of open, so I think this fchmod
call has never had any effect.
If there is a concern that the mkstemp implementation may be insecure,
why not set and restore the umask?
Replace the insecure mode 0777 with 0700 for the temporary file to prohibit
other users from changing the executable mapped code.
An attacker could gain access to the mapped file descriptor from the
temporary file (before it is unlinked) in a read-only mode but it should
not be accessible in write mode to