summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog8
-rw-r--r--doc/posix-functions/mkstemp.texi8
-rw-r--r--m4/mkstemp.m413
3 files changed, 23 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index f1006b5f9a..377f326d62 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2011-04-27 Reuben Thomas <rrt@sc3d.org>
+ and Eric Blake <eblake@redhat.com>
+
+ mkstemp: replace if system version uses wrong permissions
+ * m4/mkstemp.m4 (gl_FUNC_MKSTEMP): Add test for non-owner
+ read/write mode bits set in file created by mkstemp.
+ * doc/posix-functions/mkstemp.texi (mkstemp): Document the fix.
+
2011-04-27 Eric Blake <eblake@redhat.com>
passfd: avoid compiler warning
diff --git a/doc/posix-functions/mkstemp.texi b/doc/posix-functions/mkstemp.texi
index 5a1e145600..5f62b44bc3 100644
--- a/doc/posix-functions/mkstemp.texi
+++ b/doc/posix-functions/mkstemp.texi
@@ -15,14 +15,14 @@ mingw.
On some platforms (HP-UX 10.20, SunOS 4.1.4, Solaris 2.5.1), mkstemp has a silly
limit that it can create no more than 26 files from a given template. On
OSF/1 4.0f, it can create only 32 files per process.
+@item
+On some older platforms, @code{mkstemp} can create a world or group
+writable or readable file, if you haven't set the process umask to
+077. This is a security risk.
@end itemize
Portability problems not fixed by Gnulib:
@itemize
-@item
-On platforms other than glibc 2.0.7 or newer, @code{mkstemp} can create a
-world or group writable or readable file, if you haven't set the process
-umask to 077. This is a security risk.
@end itemize
The gnulib module clean-temp can create temporary files that are less
diff --git a/m4/mkstemp.m4 b/m4/mkstemp.m4
index c5cd2820d1..06187c6c51 100644
--- a/m4/mkstemp.m4
+++ b/m4/mkstemp.m4
@@ -1,4 +1,4 @@
-#serial 19
+#serial 20
# Copyright (C) 2001, 2003-2007, 2009-2011 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
@@ -10,6 +10,8 @@
# Other systems lack mkstemp altogether.
# On OSF1/Tru64 V4.0F, the system-provided mkstemp function can create
# only 32 files per process.
+# On some hosts, mkstemp creates files with mode 0666, which is a security
+# problem and a violation of POSIX 2008.
# On systems like the above, arrange to use the replacement function.
AC_DEFUN([gl_FUNC_MKSTEMP],
[
@@ -30,6 +32,7 @@ AC_DEFUN([gl_FUNC_MKSTEMP],
off_t large = (off_t) 4294967295u;
if (large < 0)
large = 2147483647;
+ umask (0);
for (i = 0; i < 70; i++)
{
char templ[] = "conftest.mkstemp/coXXXXXX";
@@ -39,9 +42,15 @@ AC_DEFUN([gl_FUNC_MKSTEMP],
result |= 1;
else
{
+ struct stat st;
if (lseek (fd, large, SEEK_SET) != large)
result |= 2;
- close (fd);
+ if (fstat (fd, &st) < 0)
+ result |= 4;
+ else if (st.st_mode & 0077)
+ result |= 8;
+ if (close (fd))
+ result |= 16;
}
}
return result;]])],