diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2020-02-19 13:47:57 -0800 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2020-02-19 13:48:27 -0800 |
commit | 734eb7e457da8a9b2c91798d591c03285c6967ce (patch) | |
tree | c8d8dc92d4af164c895d73de29e3d548385cff3c /lisp/gnus | |
parent | 4b118bdca1d8aa130fb67eadb16e08e87e698aa4 (diff) | |
download | emacs-734eb7e457da8a9b2c91798d591c03285c6967ce.tar.gz |
Fix some file-modes races
* lisp/gnus/gnus-start.el (gnus-save-newsrc-file)
(gnus-slave-save-newsrc):
* lisp/gnus/gnus-uu.el (gnus-uu-initialize):
* lisp/gnus/mm-archive.el (mm-dissect-archive):
* lisp/gnus/mm-decode.el (mm-temp-files-delete)
(mm-display-external):
* lisp/image-dired.el (image-dired-create-thumb-1):
Use with-file-modes rather than setting the file modes later.
This fixes some race conditions where the file temporarily
has the wrong permissions.
Diffstat (limited to 'lisp/gnus')
-rw-r--r-- | lisp/gnus/gnus-start.el | 22 | ||||
-rw-r--r-- | lisp/gnus/gnus-uu.el | 4 | ||||
-rw-r--r-- | lisp/gnus/mm-archive.el | 5 | ||||
-rw-r--r-- | lisp/gnus/mm-decode.el | 18 |
4 files changed, 24 insertions, 25 deletions
diff --git a/lisp/gnus/gnus-start.el b/lisp/gnus/gnus-start.el index 1fd2575ea1f..873923e6c57 100644 --- a/lisp/gnus/gnus-start.el +++ b/lisp/gnus/gnus-start.el @@ -2812,7 +2812,7 @@ values from `gnus-newsrc-hashtb', and write a new value of (file-exists-p working-file))) (unwind-protect - (progn + (with-file-modes (file-modes startup-file) (gnus-with-output-to-file working-file (gnus-gnus-to-quick-newsrc-format) (gnus-run-hooks 'gnus-save-quick-newsrc-hook)) @@ -2822,14 +2822,12 @@ values from `gnus-newsrc-hashtb', and write a new value of ;; file. (let ((buffer-backed-up nil) (buffer-file-name startup-file) - (file-precious-flag t) - (setmodes (file-modes startup-file))) + (file-precious-flag t)) ;; Backup the current version of the startup file. (backup-buffer) ;; Replace the existing startup file with the temp file. (rename-file working-file startup-file t) - (gnus-set-file-modes startup-file setmodes) (setq gnus-save-newsrc-file-last-timestamp (file-attribute-modification-time (file-attributes startup-file))))) @@ -3004,14 +3002,14 @@ SPECIFIC-VARIABLES, or those in `gnus-variable-list'." (defun gnus-slave-save-newsrc () (with-current-buffer gnus-dribble-buffer - (let ((slave-name - (make-temp-file (concat gnus-current-startup-file "-slave-"))) - (modes (ignore-errors - (file-modes (concat gnus-current-startup-file ".eld"))))) - (let ((coding-system-for-write gnus-ding-file-coding-system)) - (gnus-write-buffer slave-name)) - (when modes - (gnus-set-file-modes slave-name modes))))) + (with-file-modes (or (ignore-errors + (file-modes + (concat gnus-current-startup-file ".eld"))) + (default-file-modes)) + (let ((slave-name + (make-temp-file (concat gnus-current-startup-file "-slave-")))) + (let ((coding-system-for-write gnus-ding-file-coding-system)) + (gnus-write-buffer slave-name)))))) (defun gnus-master-read-slave-newsrc () (let ((slave-files diff --git a/lisp/gnus/gnus-uu.el b/lisp/gnus/gnus-uu.el index d40ba9cef42..4037221f496 100644 --- a/lisp/gnus/gnus-uu.el +++ b/lisp/gnus/gnus-uu.el @@ -1781,8 +1781,8 @@ Gnus might fail to display all of it.") gnus-uu-tmp-dir))) (setq gnus-uu-work-dir - (make-temp-file (concat gnus-uu-tmp-dir "gnus") 'dir)) - (gnus-set-file-modes gnus-uu-work-dir 448) + (with-file-modes #o700 + (make-temp-file (concat gnus-uu-tmp-dir "gnus") 'dir))) (setq gnus-uu-work-dir (file-name-as-directory gnus-uu-work-dir)) (push (cons gnus-newsgroup-name gnus-uu-work-dir) gnus-uu-tmp-alist)))) diff --git a/lisp/gnus/mm-archive.el b/lisp/gnus/mm-archive.el index 71676c12a46..56253afa193 100644 --- a/lisp/gnus/mm-archive.el +++ b/lisp/gnus/mm-archive.el @@ -42,8 +42,9 @@ dir) (unless decoder (error "No decoder found for %s" type)) - (setq dir (make-temp-file (expand-file-name "emm." mm-tmp-directory) 'dir)) - (set-file-modes dir #o700) + (with-file-modes #o700 + (setq dir (make-temp-file (expand-file-name "emm." mm-tmp-directory) + 'dir))) (unwind-protect (progn (mm-with-unibyte-buffer diff --git a/lisp/gnus/mm-decode.el b/lisp/gnus/mm-decode.el index d33bb56dc9e..2dab278b373 100644 --- a/lisp/gnus/mm-decode.el +++ b/lisp/gnus/mm-decode.el @@ -602,11 +602,10 @@ files left at the next time." (push temp fails))) (if fails ;; Schedule the deletion of the files left at the next time. - (progn + (with-file-modes #o600 (write-region (concat (mapconcat 'identity (nreverse fails) "\n") "\n") - nil cache-file nil 'silent) - (set-file-modes cache-file #o600)) + nil cache-file nil 'silent)) (when (file-exists-p cache-file) (ignore-errors (delete-file cache-file)))) (setq mm-temp-files-to-be-deleted nil))) @@ -911,8 +910,10 @@ external if displayed external." ;; The function is a string to be executed. (mm-insert-part handle) (mm-add-meta-html-tag handle) - (let* ((dir (make-temp-file - (expand-file-name "emm." mm-tmp-directory) 'dir)) + ;; We create a private sub-directory where we store our files. + (let* ((dir (with-file-modes #o700 + (make-temp-file + (expand-file-name "emm." mm-tmp-directory) 'dir))) (filename (or (mail-content-type-get (mm-handle-disposition handle) 'filename) @@ -924,8 +925,6 @@ external if displayed external." (assoc "needsterminal" mime-info))) (copiousoutput (assoc "copiousoutput" mime-info)) file buffer) - ;; We create a private sub-directory where we store our files. - (set-file-modes dir #o700) (if filename (setq file (expand-file-name (gnus-map-function mm-file-name-rewrite-functions @@ -941,8 +940,9 @@ external if displayed external." ;; `mailcap-mime-extensions'. (setq suffix (car (rassoc (mm-handle-media-type handle) mailcap-mime-extensions)))) - (setq file (make-temp-file (expand-file-name "mm." dir) - nil suffix)))) + (setq file (with-file-modes #o600 + (make-temp-file (expand-file-name "mm." dir) + nil suffix))))) (let ((coding-system-for-write mm-binary-coding-system)) (write-region (point-min) (point-max) file nil 'nomesg)) ;; The file is deleted after the viewer exists. If the users edits |