Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use pathconf() to get _PC_CHOWN_RESTRICTED flag #41

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

use pathconf() to get _PC_CHOWN_RESTRICTED flag #41

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.pod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -775,7 +775,7 @@ for sticky bit.

In addition to the MEDIUM security checks, also check for the
possibility of ``chown() giveaway'' using the L<POSIX|POSIX>
sysconf() function. If this is a possibility, each directory in the
pathconf() function. If this is a possibility, each directory in the
path is checked in turn for safeness, recursively walking back to the
root directory.

Expand Down
16 changes: 7 additions & 9 deletions lib/File/Temp.pm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -718,7 +718,7 @@ sub _is_safe {

# Internal routine to check whether a directory is safe
# for temp files. Safer than _is_safe since it checks for
# the possibility of chown giveaway and if that is a possibility
# the possibility of chown giveaway and if that is a possibility,
# checks each directory in the path to see if it is safe (with _is_safe)

# If _PC_CHOWN_RESTRICTED is not set, does the full test of each
Expand All @@ -737,18 +737,16 @@ sub _is_verysafe {

my $err_ref = shift;

# Should Get the value of _PC_CHOWN_RESTRICTED if it is defined
# and If it is not there do the extensive test
# Should get the value of _PC_CHOWN_RESTRICTED if it is defined
# and if it is not there, do the extensive test
local($@);
my $chown_restricted;
$chown_restricted = &POSIX::_PC_CHOWN_RESTRICTED()
if eval { &POSIX::_PC_CHOWN_RESTRICTED(); 1};
my $chown_restricted = eval { POSIX::_PC_CHOWN_RESTRICTED() };

# If chown_resticted is set to some value we should test it
# If chown_restricted is set to some value, we should test it
if (defined $chown_restricted) {

# Return if the current directory is safe
return _is_safe($path,$err_ref) if POSIX::sysconf( $chown_restricted );
return _is_safe($path, $err_ref) if POSIX::pathconf( $path, $chown_restricted );

}

Expand Down Expand Up @@ -2367,7 +2365,7 @@ for sticky bit.

In addition to the MEDIUM security checks, also check for the
possibility of ``chown() giveaway'' using the L<POSIX|POSIX>
sysconf() function. If this is a possibility, each directory in the
pathconf() function. If this is a possibility, each directory in the
path is checked in turn for safeness, recursively walking back to the
root directory.

Expand Down