Zsh Mailing List Archive
Re: [PATCH] Re: Insecure tempfile creation
- X-seq: zsh-workers 34165
- From: Bart Schaefer <schaefer@xxxxxxxxxxxxxxxx>
- To: Zsh hackers list <zsh-workers@xxxxxxx>
- Subject: Re: [PATCH] Re: Insecure tempfile creation
- Date: Wed, 7 Jan 2015 22:22:20 -0800
- In-reply-to: <20150107220345.GE1714@tarsus.local2>
- List-help: <mailto:zsh-workers-help@zsh.org>
- List-id: Zsh Workers List <zsh-workers.zsh.org>
- List-post: <mailto:zsh-workers@zsh.org>
- Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
- References: <20141222203624.GA24855@tarsus.local2> <141227223029.ZM15959@torch.brasslantern.com> <141227234421.ZM16038@torch.brasslantern.com> <141228004101.ZM28486@torch.brasslantern.com> <20141229004957.GA1737@tarsus.local2> <141228200142.ZM22840@torch.brasslantern.com> <20150107220345.GE1714@tarsus.local2>
On Wed, Jan 7, 2015 at 2:03 PM, Daniel Shahaf <d.s@xxxxxxxxxxxxxxxxxx> wrote:
> Coming back to this, it has occurred to me that
>
> mv -f =(:) ${TMPPREFIX:-/tmp/zsh}foo$$
>
> wouldn't perform an atomic rename (as intended) if /tmp/zshfoo$$ is a
> directory or symlink-to-directory. So hypothetically an attacker might
> be able to create a file named `basename =(:)` in a directory of his
> choice owned by the victim.

Hmm. Yup, we need "ln -Fh" instead of "mv -f". Are the -F and -h
options of "ln" fairly standard?
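
The behaviour described in the quoted message can be reproduced in a scratch directory. The script below is an added example, not code from the thread or from zsh: all paths are constructed, and `mv -T` (no-target-directory) is a GNU coreutils option assumed to be available, shown for comparison rather than as the `ln` options the reply asks about.

```shell
#!/bin/sh
# Added example: shows where a file ends up when the rename target
# already exists as a directory or as a symlink to a directory.
# All paths are constructed under a throwaway mktemp directory.
#
# demo_rename MODE KIND
#   MODE: plain    -> mv -f SRC DST     (the command quoted in the thread)
#         notarget -> mv -f -T SRC DST  (assumes GNU coreutils mv)
#   KIND: what already sits at DST: none, dir, or symlink (to a directory)
# Prints: dest | inside-dir | not-moved
demo_rename() {
    mode=$1
    kind=$2
    work=$(mktemp -d) || return 1
    src="$work/src"; dst="$work/zshfoo"; other="$work/elsewhere"
    echo payload > "$src"
    mkdir "$other"
    case $kind in
        dir)     mkdir "$dst" ;;
        symlink) ln -s "$other" "$dst" ;;
    esac
    case $mode in
        plain)    mv -f "$src" "$dst" 2>/dev/null || : ;;
        notarget) mv -f -T "$src" "$dst" 2>/dev/null || : ;;
    esac
    if [ -f "$dst" ] && [ ! -L "$dst" ]; then
        result=dest         # DST itself was replaced by the regular file
    elif [ -f "$dst/src" ]; then
        result=inside-dir   # file was created inside the directory DST names
    else
        result=not-moved    # mv refused; nothing was written at or under DST
    fi
    rm -rf "$work"
    echo "$result"
}

# Print the outcome for each pre-existing target kind.
for kind in none dir symlink; do
    printf '%-8s plain=%-11s notarget=%s\n' "$kind" \
        "$(demo_rename plain "$kind")" "$(demo_rename notarget "$kind")"
done
```

With plain `mv -f`, both the `dir` and `symlink` cases report `inside-dir`: the file is created under the directory rather than renamed over the target name.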