mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* lib/fileutils.rb (remove_entry_secure): forgot final chdir.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8986 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
aamine
parent
bacd0dddd1
commit
8ce9641fb8
2 changed files with 14 additions and 11 deletions
|
|
@ -1,3 +1,7 @@
|
|||
Sat Aug 13 22:16:12 2005 Minero Aoki <aamine@loveruby.net>
|
||||
|
||||
* lib/fileutils.rb (remove_entry_secure): forgot final chdir.
|
||||
|
||||
Sat Aug 13 22:07:49 2005 Minero Aoki <aamine@loveruby.net>
|
||||
|
||||
* lib/fileutils.rb (remove_entry_secure): uses chdir(2) and check
|
||||
|
|
|
|||
|
|
@ -550,16 +550,14 @@ module FileUtils
|
|||
#
|
||||
# WARNING: This method causes local vulnerability
|
||||
# if one of parent directories or removing directory tree are world
|
||||
# writable, and the current process has strong privilege such as Unix
|
||||
# super user (root). For secure removing, read the documentation of
|
||||
# #remove_entry_secure carefully, and set :secure option to true.
|
||||
# writable (including /tmp, whose permission is 1777), and the current
|
||||
# process has strong privilege such as Unix super user (root), and the
|
||||
# system has symbolic link. For secure removing, read the documentation
|
||||
# of #remove_entry_secure carefully, and set :secure option to true.
|
||||
# Default is :secure=>false.
|
||||
#
|
||||
# NOTE: This method calls #remove_entry_secure if :secure option is set.
|
||||
# See also #remove_entry_secure.
|
||||
#
|
||||
# WARNING: On Win32 systems, you MUST set correct ACL (Access Control List)
|
||||
# always. Never provide full-control for "Everybody" user.
|
||||
#
|
||||
def rm_r(list, options = {})
|
||||
fu_check_options options, :force, :noop, :verbose, :secure
|
||||
|
|
@ -609,6 +607,7 @@ module FileUtils
|
|||
#
|
||||
# * Parent directory is world writable (including /tmp).
|
||||
# * Removing directory tree includes world writable directory.
|
||||
# * The system has symbolic link.
|
||||
#
|
||||
# To avoid this security hole, this method applies special preprocess.
|
||||
# If +path+ is a directory, this method chown(2) and chmod(2) all
|
||||
|
|
@ -620,15 +619,13 @@ module FileUtils
|
|||
# Only exception is temporary directory like /tmp and /var/tmp,
|
||||
# whose permission is 1777.
|
||||
#
|
||||
# WARNING: Only the owner of the removing directory tree should invoke
|
||||
# this method. Otherwise this method does not work.
|
||||
# WARNING: Only the owner of the removing directory tree, or Unix super
|
||||
# user (root) should invoke this method. Otherwise this method does not
|
||||
# work.
|
||||
#
|
||||
# WARNING: remove_entry_secure uses chdir(2), this method is not
|
||||
# multi-thread safe, nor reentrant.
|
||||
#
|
||||
# WARNING: This method does not work on Win32 systems.
|
||||
# (You never need this method while you set NTFS ACL correctly)
|
||||
#
|
||||
# For details of this security vulnerability, see Perl's case:
|
||||
#
|
||||
# http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448
|
||||
|
|
@ -663,6 +660,8 @@ module FileUtils
|
|||
end
|
||||
File.chown euid, nil, '.'
|
||||
File.chmod 0700, '.'
|
||||
ensure
|
||||
Dir.chdir prevcwd
|
||||
end
|
||||
# ---- tree root is frozen ----
|
||||
root = Entry_.new(path)
|
||||
|
|
|
|||
Loading…
Reference in a new issue