| author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-04 20:50:13 +0000 |
|---|---|---|
| committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-04 20:50:13 +0000 |
| commit | 1a1c4ba8d4598c8b64c2cc291d26143a01a966d3 (patch) | |
| tree | 9de4c96750e634ce0e87ffdbd6e33b717f2a4895 | |
| parent | e26606c280cc91f6afd93023dc134097039a68bd (diff) | |
* file.c (path_check_0): check if sticky bit is set on parent
directories for executable path. fixed: [ruby-dev:29415]
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@10863 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | file.c | 12 |
2 files changed, 10 insertions, 7 deletions
@@ -1,3 +1,8 @@
+Tue Sep 5 05:49:41 2006 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+	* file.c (path_check_0): check if sticky bit is set on parent
+	  directories for executable path. fixed: [ruby-dev:29415]
+
 Tue Sep 5 05:03:46 2006 Yukihiro Matsumoto <matz@ruby-lang.org>
 	* numeric.c (fix_plus): addition in Fixnum will never overflow
@@ -4046,7 +4046,7 @@ is_absolute_path(const char *path)
 #ifndef DOSISH
 static int
-path_check_0(VALUE path, int loadpath)
+path_check_0(VALUE path, int execpath)
 {
     struct stat st;
     char *p0 = StringValueCStr(path);
@@ -4061,7 +4061,7 @@ path_check_0(VALUE path, int loadpath)
 	rb_str_cat2(newpath, "/");
 	rb_str_cat2(newpath, p0);
-	return path_check_0(newpath, loadpath);
+	p0 = RSTRING_PTR(path = newpath);
     }
     for (;;) {
 #ifndef S_IWOTH
@@ -4069,10 +4069,11 @@ path_check_0(VALUE path, int loadpath)
 #endif
 	if (stat(p0, &st) == 0 && S_ISDIR(st.st_mode) && (st.st_mode & S_IWOTH)
 #ifdef S_ISVTX
-	    && (loadpath || !(st.st_mode & S_ISVTX))
+	    && !(p && execpath && (st.st_mode & S_ISVTX))
 #endif
 	    && !access(p0, W_OK)) {
-	    rb_warn("Insecure world writable dir %s, mode 0%o", p0, st.st_mode);
+	    rb_warn("Insecure world writable dir %s in %sPATH, mode 0%o",
+		    p0, (execpath ? "" : "LOAD_"), st.st_mode);
 	    if (p) *p = '/';
 	    return 0;
 	}
@@ -4247,9 +4248,6 @@ rb_find_file(VALUE path)
 	}
 	else {
 	    lpath = RSTRING_PTR(tmp);
-	    if (rb_safe_level() >= 1 && !rb_path_check(lpath)) {
-		rb_raise(rb_eSecurityError, "loading from unsafe path %s", lpath);
-	    }
 	}
     }
     else {
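Review bot: In the second file.c hunk, `p0 = RSTRING_PTR(path = newpath);` buries the re-pointing of the `path` parameter inside a macro argument, which is easy to misread and would double-evaluate the assignment if RSTRING_PTR ever expanded its argument twice; writing it as `path = newpath;` followed by `p0 = RSTRING_PTR(path);` is clearer. Reassigning the parameter rather than returning through a recursive call presumably serves to keep the freshly built string referenced from the stack while the loop below writes `'\0'`/`'/'` into the buffer `p0` points at, and a one-line comment stating that intent would help the next reader. The `if (*p0 != '/')` block this belongs to starts before the hunk, and the `for (;;)` loop continues after it.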
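Review bot: The new `!(p && execpath && (st.st_mode & S_ISVTX))` term in the third file.c hunk only makes sense once the reader knows that `p` appears to be NULL while `p0` is still the original PATH entry and non-NULL once the loop has truncated `p0` to a parent directory, and nothing in the hunk says so; the effect is that a sticky bit excuses a world-writable parent of a PATH entry but never the entry itself, and never anything on LOAD_PATH. A comment on that line such as `/* sticky bit excuses only a world-writable parent (p != NULL) of a PATH entry; the entry itself and LOAD_PATH dirs still warn */` would make the rule reviewable against the ChangeLog entry. The `for (;;)` loop and path_check_0 itself continue outside the hunk.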
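Review bot: The deletion of the `rb_safe_level() >= 1 && !rb_path_check(lpath)` check in the rb_find_file hunk is not mentioned in the commit message or the ChangeLog entry, which only describe the path_check_0 sticky-bit change. Unless the same check is now performed elsewhere in rb_find_file, a program running at $SAFE >= 1 that resolves a library through an insecure $LOAD_PATH entry will no longer get a SecurityError at this point, so the rationale belongs in the ChangeLog entry alongside the path_check_0 note. rb_find_file's body extends beyond this hunk on both sides, so the surrounding handling of `lpath` is not visible here.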
