1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* lib/fileutils.rb (remove_entry_secure): forgot final chdir.

Browse Source 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8986 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
aamine 2005-08-13 13:14:07 +00:00
parent bacd0dddd1
commit 8ce9641fb8
2 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
Sat Aug 13 22:16:12 2005 Minero Aoki <aamine@loveruby.net>
* lib/fileutils.rb (remove_entry_secure): forgot final chdir.
Sat Aug 13 22:07:49 2005 Minero Aoki <aamine@loveruby.net> Sat Aug 13 22:07:49 2005 Minero Aoki <aamine@loveruby.net>
* lib/fileutils.rb (remove_entry_secure): uses chdir(2) and check * lib/fileutils.rb (remove_entry_secure): uses chdir(2) and check

21
lib/fileutils.rb
View File

@ -550,16 +550,14 @@ module FileUtils
# #
# WARNING: This method causes local vulnerability # WARNING: This method causes local vulnerability
# if one of parent directories or removing directory tree are world # if one of parent directories or removing directory tree are world
# writable, and the current process has strong privilege such as Unix # writable (including /tmp, whose permission is 1777), and the current
# super user (root). For secure removing, read the documentation of # process has strong privilege such as Unix super user (root), and the
# #remove_entry_secure carefully, and set :secure option to true. # system has symbolic link. For secure removing, read the documentation
# of #remove_entry_secure carefully, and set :secure option to true.
# Default is :secure=>false. # Default is :secure=>false.
# #
# NOTE: This method calls #remove_entry_secure if :secure option is set. # NOTE: This method calls #remove_entry_secure if :secure option is set.
# See also #remove_entry_secure. # See also #remove_entry_secure.
#
# WARNING: On Win32 systems, you MUST set correct ACL (Access Control List)
# always. Never provide full-control for "Everybody" user.
# #
def rm_r(list, options = {}) def rm_r(list, options = {})
fu_check_options options, :force, :noop, :verbose, :secure fu_check_options options, :force, :noop, :verbose, :secure
@ -609,6 +607,7 @@ module FileUtils
# #
# * Parent directory is world writable (including /tmp). # * Parent directory is world writable (including /tmp).
# * Removing directory tree includes world writable directory. # * Removing directory tree includes world writable directory.
# * The system has symbolic link.
# #
# To avoid this security hole, this method applies special preprocess. # To avoid this security hole, this method applies special preprocess.
# If +path+ is a directory, this method chown(2) and chmod(2) all # If +path+ is a directory, this method chown(2) and chmod(2) all
@ -620,15 +619,13 @@ module FileUtils
# Only exception is temporary directory like /tmp and /var/tmp, # Only exception is temporary directory like /tmp and /var/tmp,
# whose permission is 1777. # whose permission is 1777.
# #
# WARNING: Only the owner of the removing directory tree should invoke # WARNING: Only the owner of the removing directory tree, or Unix super
# this method. Otherwise this method does not work. # user (root) should invoke this method. Otherwise this method does not
# work.
# #
# WARNING: remove_entry_secure uses chdir(2), this method is not # WARNING: remove_entry_secure uses chdir(2), this method is not
# multi-thread safe, nor reentrant. # multi-thread safe, nor reentrant.
# #
# WARNING: This method does not work on Win32 systems.
# (You never need this method while you set NTFS ACL correctly)
#
# For details of this security vulnerability, see Perl's case: # For details of this security vulnerability, see Perl's case:
# #
# http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 # http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448
@ -663,6 +660,8 @@ module FileUtils
end end
File.chown euid, nil, '.' File.chown euid, nil, '.'
File.chmod 0700, '.' File.chmod 0700, '.'
ensure
Dir.chdir prevcwd
end end
# ---- tree root is frozen ---- # ---- tree root is frozen ----
root = Entry_.new(path) root = Entry_.new(path)