projects / platform / upstream / glib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9492ecd)
[CVE-2019-12450]gfile: Limit access to files when copying 23/207323/1 accepted/tizen/unified/20190604.014623 submit/tizen/20190603.073640
authorOndrej Holy <oholy@redhat.com>
Thu, 23 May 2019 08:41:53 +0000 (10:41 +0200)
committerDonghun Kwak <dh0128.kwak@samsung.com>
Mon, 3 Jun 2019 07:27:15 +0000 (07:27 +0000)
file_copy_fallback creates new files with default permissions and
set the correct permissions after the operation is finished. This
might cause that the files can be accessible by more users during
the operation than expected. Use G_FILE_CREATE_PRIVATE for the new
files to limit access to those files.

Change-Id: Id071a47323fcd0690dec6a5d519d5ab4f2f43562
Signed-off-by: Hyunjee Kim <hj0426.kim@samsung.com>
(cherry picked from commit ec54d211518bf3c2f397f565088a7054219f194e)

gio/gfile.c patch | blob | history

diff --git a/gio/gfile.c b/gio/gfile.c
index af0587b..73aa022 100644 (file)
--- a/gio/gfile.c
+++ b/gio/gfile.c
@@ -3159,12 +3159,12 @@ file_copy_fallback (GFile                  *source,
         out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
                                                                    FALSE, NULL,
                                                                    flags & G_FILE_COPY_BACKUP,
-                                                                   G_FILE_CREATE_REPLACE_DESTINATION,
-                                                                   info,
+                                                                   G_FILE_CREATE_REPLACE_DESTINATION |
+                                                                   G_FILE_CREATE_PRIVATE, info,
                                                                    cancellable, error);
       else
         out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
-                                                                  FALSE, 0, info,
+                                                                  FALSE, G_FILE_CREATE_PRIVATE, info,
                                                                   cancellable, error);
     }
   else if (flags & G_FILE_COPY_OVERWRITE)
@@ -3177,7 +3177,7 @@ file_copy_fallback (GFile                  *source,
     }
   else
     {
-      out = (GOutputStream *)g_file_create (destination, 0, cancellable, error);
+      out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error);
     }
 
   if (!out)
Domain: System / Base;