diff options
author | Bram Moolenaar <Bram@vim.org> | 2017-11-11 16:45:19 +0100 |
---|---|---|
committer | Bram Moolenaar <Bram@vim.org> | 2017-11-11 16:45:19 +0100 |
commit | aeeb6888ca3ee5122793b37c5aacc6c960b02c37 (patch) | |
tree | fd3290b3796b4fdfd96fa8a71dfac88db3f48422 /src/ex_cmds.c | |
parent | 5fd8b78214a52b561780eb5ba000b1a3f5ba1d3d (diff) | |
download | vim-git-aeeb6888ca3ee5122793b37c5aacc6c960b02c37.tar.gz |
patch 8.0.1287: temp file used for viminfo may have wrong permissionsv8.0.1287
Problem: The temp file used when updating the viminfo file may have the
wrong permissions if setting the group fails.
Solution: Check if the group matches and reduce permissions if not.
Diffstat (limited to 'src/ex_cmds.c')
-rw-r--r-- | src/ex_cmds.c | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/src/ex_cmds.c b/src/ex_cmds.c index 154372883..f86e141fc 100644 --- a/src/ex_cmds.c +++ b/src/ex_cmds.c @@ -2007,7 +2007,8 @@ write_viminfo(char_u *file, int forceit) /* * If we can't create in the same directory, try creating a - * "normal" temp file. + * "normal" temp file. This is just an attempt, renaming the temp + * file might fail as well. */ if (fp_out == NULL) { @@ -2018,11 +2019,29 @@ write_viminfo(char_u *file, int forceit) #if defined(UNIX) && defined(HAVE_FCHOWN) /* - * Make sure the owner can read/write it. This only works for - * root. + * Make sure the original owner can read/write the tempfile and + * otherwise preserve permissions, making sure the group matches. */ if (fp_out != NULL) - ignored = fchown(fileno(fp_out), st_old.st_uid, st_old.st_gid); + { + stat_T tmp_st; + + if (mch_stat((char *)tempname, &tmp_st) >= 0) + { + if (st_old.st_uid != tmp_st.st_uid) + /* Changing the owner might fail, in which case the + * file will now owned by the current user, oh well. */ + ignored = fchown(fileno(fp_out), st_old.st_uid, -1); + if (st_old.st_gid != tmp_st.st_gid + && fchown(fileno(fp_out), -1, st_old.st_gid) == -1) + /* can't set the group to what it should be, remove + * group permissions */ + (void)mch_setperm(tempname, 0600); + } + else + /* can't stat the file, set conservative permissions */ + (void)mch_setperm(tempname, 0600); + } #endif } } @@ -7536,7 +7555,7 @@ ex_sign(exarg_T *eap) int idx; sign_T *sp; sign_T *sp_prev; - buf_T *buf; + buf_T *buf = NULL; /* Parse the subcommand. */ p = skiptowhite(arg); |