diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2010-12-11 23:35:18 +0000 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2010-12-11 23:35:50 +0000 |
| commit | a6bfc9f3c44c6b4421d5a7b1d872411583a5cffa (patch) | |
| tree | cf65ea23dc5ff09adbbd761e0fce7c433a54c892 | |
| parent | f410d571ccbf54b34937dab2868614d35fe59855 (diff) | |
| download | libguestfs-a6bfc9f3c44c6b4421d5a7b1d872411583a5cffa.tar.gz libguestfs-a6bfc9f3c44c6b4421d5a7b1d872411583a5cffa.tar.xz libguestfs-a6bfc9f3c44c6b4421d5a7b1d872411583a5cffa.zip | |
appliance: Don't set utime on cachedir until we know it is safe.
This could be used to touch an arbitrary file (albeit one which
must already exist), and this could have been a security problem.
| -rw-r--r-- | src/appliance.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/appliance.c b/src/appliance.c index 30eb6fd4..1b6b505e 100644 --- a/src/appliance.c +++ b/src/appliance.c @@ -320,7 +320,6 @@ check_for_cached_appliance (guestfs_h *g, snprintf (filename, len, "%s/checksum", cachedir); (void) mkdir (cachedir, 0755); - (void) utime (cachedir, NULL); /* See if the cache directory exists and passes some simple checks * to make sure it has not been tampered with. @@ -344,6 +343,8 @@ check_for_cached_appliance (guestfs_h *g, return -1; } + (void) utime (cachedir, NULL); + garbage_collect_appliances (cachedir); /* Try to open and acquire a lock on the checksum file. */ |