Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9

gnash-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_fi

From:	Benjamin Wolsey
Subject:	Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1
Date:	Mon, 21 Nov 2011 09:08:19 +0100 (MET)

 
>      cookiefile.open(ss.str().c_str(), std::ios::out | std::ios::trunc);
> +    chmod (ss.str().c_str(), 0600);

There's still the possibility of an attacker opening the file between creation 
and the chmod call. Calling umask() before opening the file should avoid that 
problem. As umask() sets the permissions mask for the current process only, the 
only problem is calling it from more than one thread.

bwy

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1, Gabriele Giacone, 2011/11/20
- Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1, Benjamin Wolsey <=
  - Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1, Sandro Santilli, 2011/11/21

Prev by Date: [Gnash-commit] buildbot success in Gnash on oneiric-linux-i386
Next by Date: Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1
Previous by thread: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1
Next by thread: Re: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1227-gfa481c1
Index(es):
- Date
- Thread