Re: Question about world readable config files and commented warnings

[Seth Arnold <seth.arnold () canonical com>]

On Tue, Jun 30, 2015 at 11:30:06PM +0200, vladz wrote:
> We all know that a better way to create the file would be to set the
> adequate umask first.  But the above steps can be found in initialization
> and installation scripts (I can share a non-exhaustive list if wished).  I

Probably we should get CVEs assigned for these, that's the best way to
make sure they're not overlooked.

> also wouldn't recommend the use of "-m 600" in the "install" command as it
> has the same problem:
>
>     # touch f1
>     # strace install -m 600 f1 f2
>     [...]
>     open("f2", O_WRONLY|O_CREAT|O_EXCL, 0644) = 4 // here f2 is readable
>     chmod("f2", 0600)                         = 0

The three-argument open() has been available for absolute ages:

https://www.freebsd.org/cgi/man.cgi?query=open&apropos=0&sektion=2&manpath=FreeBSD+1.0-RELEASE&arch=default&format=html

I'm surprised install hasn't been updated at some point in the last twenty
years to use the mode correctly. It's probably also CVE-worthy.

Thanks

Attachment: signature.asc
Description: Digital signature