Fix for Issue #409
Achim Gratz
Stromeko at nexgo.de
Tue Dec 19 11:15:26 UTC 2017
Hal Murray via devel writes:
> I just pushed a fix for Issue #409. The drift file now gets created with the
> normal protection modes rather than 600 so apparmor should be happy when
> reading it as root during startup. (Unless you have a non-standard default
> mode. ...)
That's not a fix, that's creating a latent security problem with
clobbering a file name that's known in advance so you can plant things
under that name and have it overwrite a different file that you normally
wouldn't be able to access. The mkstemp is there exactly to avoid such
problems, not just to create a unique file name.
What's wrong with changing the mode to whatever you like after you're
done with creating the temporary file?
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
Factory and User Sound Singles for Waldorf rackAttack:
http://Synth.Stromeko.net/Downloads.html#WaldorfSounds
More information about the devel
mailing list