diff options
| author | aamine <aamine@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-08-13 13:14:07 +0000 |
|---|---|---|
| committer | aamine <aamine@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-08-13 13:14:07 +0000 |
| commit | 5f5f6672273cee6b36cb18e119bd4f697ef27f6d (patch) | |
| tree | 8aaa3fef7bb53decfe04bab48a33531b6a1c9431 /lib/fileutils.rb | |
| parent | 899be0933dfdccbb94f1982863ffcbf1e826a556 (diff) | |
| download | ruby-5f5f6672273cee6b36cb18e119bd4f697ef27f6d.tar.gz ruby-5f5f6672273cee6b36cb18e119bd4f697ef27f6d.tar.xz ruby-5f5f6672273cee6b36cb18e119bd4f697ef27f6d.zip | |
* lib/fileutils.rb (remove_entry_secure): forgot final chdir.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@8986 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/fileutils.rb')
| -rw-r--r-- | lib/fileutils.rb | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/lib/fileutils.rb b/lib/fileutils.rb index 3b45bad88..c4456ab27 100644 --- a/lib/fileutils.rb +++ b/lib/fileutils.rb @@ -550,16 +550,14 @@ module FileUtils # # WARNING: This method causes local vulnerability # if one of parent directories or removing directory tree are world - # writable, and the current process has strong privilege such as Unix - # super user (root). For secure removing, read the documentation of - # #remove_entry_secure carefully, and set :secure option to true. + # writable (including /tmp, whose permission is 1777), and the current + # process has strong privilege such as Unix super user (root), and the + # system has symbolic link. For secure removing, read the documentation + # of #remove_entry_secure carefully, and set :secure option to true. # Default is :secure=>false. # # NOTE: This method calls #remove_entry_secure if :secure option is set. # See also #remove_entry_secure. - # - # WARNING: On Win32 systems, you MUST set correct ACL (Access Control List) - # always. Never provide full-control for "Everybody" user. # def rm_r(list, options = {}) fu_check_options options, :force, :noop, :verbose, :secure @@ -609,6 +607,7 @@ module FileUtils # # * Parent directory is world writable (including /tmp). # * Removing directory tree includes world writable directory. + # * The system has symbolic link. # # To avoid this security hole, this method applies special preprocess. # If +path+ is a directory, this method chown(2) and chmod(2) all @@ -620,15 +619,13 @@ module FileUtils # Only exception is temporary directory like /tmp and /var/tmp, # whose permission is 1777. # - # WARNING: Only the owner of the removing directory tree should invoke - # this method. Otherwise this method does not work. + # WARNING: Only the owner of the removing directory tree, or Unix super + # user (root) should invoke this method. Otherwise this method does not + # work. # # WARNING: remove_entry_secure uses chdir(2), this method is not # multi-thread safe, nor reentrant. # - # WARNING: This method does not work on Win32 systems. - # (You never need this method while you set NTFS ACL correctly) - # # For details of this security vulnerability, see Perl's case: # # http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 @@ -663,6 +660,8 @@ module FileUtils end File.chown euid, nil, '.' File.chmod 0700, '.' + ensure + Dir.chdir prevcwd end # ---- tree root is frozen ---- root = Entry_.new(path) |