ado@elsie.UUCP (Arthur David Olson) (02/23/86)
Index: bin/sh/io.c Fix
Description:
In creating temporary files, /bin/sh uses mode 0666. This means that
information in an owner-readable-only shell script may be readable by
others when the information is copied to a temporary file.
Repeat-By:
Creating a file named "try" that contains these lines:
( sleep 20 ; cat ) << EOF
The script this text is part of will be made mode 0700
to keep this information private.
EOF
then executing these commands:
umask 022
chmod 700 try
try & (sleep 5 ; ls -l /tmp/sh* ; cat /tmp/sh* )
and noting that the mode of the temporary file would allow anyone to
read the information you had sought to make unreadable by changing the
mode of "try" (if their timing was good).
Fix:
Here's a fix for the 4.1bsd version of "sh/io.c", conditioned on
"OLDVERSION":
tmpfil()
{
itos(serial++); movstr(numbuf,tmpnam);
#ifdef OLDVERSION
return(create(tmpout));
#else
{
register int fid;
if ((fid = creat(tmpout, 0600)) < 0)
failed(tmpout, badcreate);
return fid;
}
#endif
}
--
Sh is an American Librarians Association trademark.
Mismode is an Alexander Haig Verbification Program trademark.
--
UUCP: ..decvax!seismo!elsie!ado ARPA: elsie!ado@seismo.ARPA
DEC, VAX and Elsie are Digital Equipment and Borden trademarks