diff options
| author | Frank Ch. Eigler <fche@redhat.com> | 2021-04-26 12:21:03 -0400 |
|---|---|---|
| committer | Frank Ch. Eigler <fche@redhat.com> | 2021-05-01 14:15:32 -0400 |
| commit | 92980edc829c816fabd00df8694acd0a4976902f (patch) | |
| tree | 3a6dba74ee31da347b22e0bdf33c8f5a12cc78a6 | |
| parent | 95edde45e53fc84ce30449663d9f2145328bb877 (diff) | |
| download | elfutils-92980edc829c816fabd00df8694acd0a4976902f.tar.gz | |
PR27571: debuginfod client cache - file permissions
Files in the download cache should be read-only.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
| -rw-r--r-- | debuginfod/ChangeLog | 6 | ||||
| -rw-r--r-- | debuginfod/debuginfod-client.c | 5 | ||||
| -rw-r--r-- | tests/ChangeLog | 5 | ||||
| -rwxr-xr-x | tests/run-debuginfod-find.sh | 4 |
4 files changed, 19 insertions, 1 deletions
diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog index 9af641ec..39091009 100644 --- a/debuginfod/ChangeLog +++ b/debuginfod/ChangeLog @@ -1,5 +1,11 @@ 2021-04-26 Frank Ch. Eigler <fche@redhat.com> + PR27571 + * debuginfod-client.c (debuginfod_query_server): Chmod 0400 files + delivered into the cache to prevent accidental modification. + +2021-04-26 Frank Ch. Eigler <fche@redhat.com> + PR26125 * debuginfod-client.c (debuginfod_clean_cache): For directory rmdir, check mtime first. diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c index 0170500f..374989e2 100644 --- a/debuginfod/debuginfod-client.c +++ b/debuginfod/debuginfod-client.c @@ -720,7 +720,7 @@ debuginfod_query_server (debuginfod_client *c, /* Because of a race with cache cleanup / rmdir, try to mkdir/mkstemp up to twice. */ for(int i=0; i<2; i++) { /* (re)create target directory in cache */ - (void) mkdir(target_cache_dir, 0700); + (void) mkdir(target_cache_dir, 0700); /* files will be 0400 later */ /* NB: write to a temporary file first, to avoid race condition of multiple clients checking the cache, while a partially-written or empty @@ -1054,6 +1054,9 @@ debuginfod_query_server (debuginfod_client *c, tvs[0].tv_usec = tvs[1].tv_usec = 0; (void) futimes (fd, tvs); /* best effort */ + /* PR27571: make cache files casually unwriteable; dirs are already 0700 */ + (void) fchmod(fd, 0400); + /* rename tmp->real */ rc = rename (target_cache_tmppath, target_cache_path); if (rc < 0) diff --git a/tests/ChangeLog b/tests/ChangeLog index 0d2c5edd..f6e540d4 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,8 @@ +2021-04-26 Frank Ch. Eigler <fche@redhat.com> + + PR27571 + * run-debuginfod-find.sh: Add test case for unwriteable cache files. + 2021-04-23 Omar Sandoval <osandov@fb.com> * run-low_high_pc-dw-form-indirect.sh: New file. diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh index 3b9a5a6e..d17a8d88 100755 --- a/tests/run-debuginfod-find.sh +++ b/tests/run-debuginfod-find.sh @@ -177,6 +177,10 @@ testrun ${abs_builddir}/debuginfod_build_id_find -e F/prog 1 rm -rf $DEBUGINFOD_CACHE_PATH # clean it from previous tests filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID` cmp $filename F/prog.debug +if [ -w $filename ]; then + echo "cache file writable, boo" + exit 1 +fi filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find executable F/prog` cmp $filename F/prog |