Message150833
| Author | hynek |
| Recipients | hynek, neologix, pitrou, rosslagerwall, tarek |
| Date | 2012-01-08.00:14:02 |
| SpamBayes Score | 3.8540847e-07 |
| Marked as misclassified | No |
| Message-id | <1325981643.51.0.923790442233.issue13734@psf.upfronthosting.co.za> |
| In-reply-to | |
| Content |
This is an offspring of #4489 (which is a security bug). The method is AFAIU intended to be private.
As shown in the discussion of the mentioned #4489, there is a whole family of attacks that exploit the time window between gathering path names and executing a function on them. A general description of this problem can be found in: https://www.securecoding.cert.org/confluence/display/seccode/POS35-C.+Avoid+race+conditions+while+checking+for+the+existence+of+a+symbolic+link
While the consequences in rmtree() are probably most dramatic, other recursive functions could benefit too (chmodtree() and chowntree() were mentioned), so Charles-François suggested writing a "generic walker method that would take as argument the methods to call on a directory and on a file (or link)".
Some (probably) necessary helper functions have already been implemented in #4761 (*at()) and #10755 (fdlistdir()).
Has any work already been done? Ross mentioned he wanted to take a stab? |
|
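The generic walker proposed in the message above, sketched as an added example (not code from the issue or from CPython): every entry is addressed relative to an already-open directory descriptor, so a name swapped for a symlink between listing and acting is not followed. `walk_fd`, `rmtree_fd` and `demo` are hypothetical names; POSIX and Python 3.3+ are assumed, and only the final path component of the starting directory is protected by `O_NOFOLLOW`.

```python
import os
import stat
import tempfile

_DIR_FLAGS = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW

def walk_fd(name, on_file, on_dir, dir_fd=None):
    """Hypothetical bottom-up walker; callbacks receive (name, parent_fd)."""
    # O_NOFOLLOW makes open() fail if `name` became a symlink after it was
    # listed, instead of descending into whatever the link points at.
    fd = os.open(name, _DIR_FLAGS, dir_fd=dir_fd)
    try:
        for entry in os.listdir(fd):
            st = os.stat(entry, dir_fd=fd, follow_symlinks=False)
            if stat.S_ISDIR(st.st_mode):
                walk_fd(entry, on_file, on_dir, dir_fd=fd)
            else:
                on_file(entry, fd)  # regular files and symlinks alike
    finally:
        os.close(fd)
    on_dir(name, dir_fd)

def rmtree_fd(path):
    """rmtree() expressed through the walker; links are unlinked, not followed."""
    walk_fd(path,
            on_file=lambda n, fd: os.unlink(n, dir_fd=fd),
            on_dir=lambda n, fd: os.rmdir(n, dir_fd=fd))

def demo():
    """Constructed tree: tree/sub/f.txt plus tree/link -> outside/."""
    with tempfile.TemporaryDirectory() as base:
        outside = os.path.join(base, "outside")
        tree = os.path.join(base, "tree")
        os.mkdir(outside)
        os.makedirs(os.path.join(tree, "sub"))
        keep = os.path.join(outside, "keep.txt")
        for p in (keep, os.path.join(tree, "sub", "f.txt")):
            open(p, "w").close()
        link = os.path.join(tree, "link")
        os.symlink(outside, link)
        try:  # a symlink standing in for a directory is refused outright
            walk_fd(link, print, print)
            refused = False
        except OSError:
            refused = True
        rmtree_fd(tree)
        return refused, os.path.exists(tree), os.path.exists(keep)
```

The same `walk_fd` can carry other per-entry operations by passing different callbacks that accept `(name, dir_fd)`.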
History
| Date | User | Action | Args |
|---|---|---|---|
| 2012-01-08 00:14:03 | hynek | set | recipients: + hynek, pitrou, tarek, neologix, rosslagerwall |
| 2012-01-08 00:14:03 | hynek | set | messageid: <1325981643.51.0.923790442233.issue13734@psf.upfronthosting.co.za> |
| 2012-01-08 00:14:02 | hynek | link | issue13734 messages |
| 2012-01-08 00:14:02 | hynek | create | |