* PATCH: PR27571: debuginfod client, cache file permissions
@ 2021-04-26 16:22 Frank Ch. Eigler
2021-05-01 18:14 ` Mark Wielaard
0 siblings, 1 reply; 2+ messages in thread
From: Frank Ch. Eigler @ 2021-04-26 16:22 UTC (permalink / raw)
To: elfutils-devel
Author: Frank Ch. Eigler <fche@redhat.com>
Date: Mon Apr 26 12:21:03 2021 -0400
PR27571: debuginfod client cache - file permissions
Files in the download cache should be read-only.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 9af641ec0e13..3909100903cb 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,9 @@
+2021-04-26 Frank Ch. Eigler <fche@redhat.com>
+
+ PR27571
+ * debuginfod-client.c (debuginfod_query_server): Chmod 0400 files
+ delivered into the cache to prevent accidental modification.
+
2021-04-26 Frank Ch. Eigler <fche@redhat.com>
PR26125
diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index 0170500faaa9..374989e26d43 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -720,7 +720,7 @@ debuginfod_query_server (debuginfod_client *c,
/* Because of a race with cache cleanup / rmdir, try to mkdir/mkstemp up to twice. */
for(int i=0; i<2; i++) {
/* (re)create target directory in cache */
- (void) mkdir(target_cache_dir, 0700);
+ (void) mkdir(target_cache_dir, 0700); /* files will be 0400 later */
/* NB: write to a temporary file first, to avoid race condition of
multiple clients checking the cache, while a partially-written or empty
@@ -1054,6 +1054,9 @@ debuginfod_query_server (debuginfod_client *c,
tvs[0].tv_usec = tvs[1].tv_usec = 0;
(void) futimes (fd, tvs); /* best effort */
+ /* PR27571: make cache files casually unwriteable; dirs are already 0700 */
+ (void) fchmod(fd, 0400);
+
/* rename tmp->real */
rc = rename (target_cache_tmppath, target_cache_path);
if (rc < 0)
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 4995ba609b29..0712417fa6cd 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,8 @@
+2021-04-26 Frank Ch. Eigler <fche@redhat.com>
+
+ PR27571
+ * run-debuginfod-find.sh: Add test case for unwriteable cache files.
+
2021-04-26 Frank Ch. Eigler <fche@redhat.com>
PR26125
diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh
index 2ba31d8266f6..7ad2a45d3aac 100755
--- a/tests/run-debuginfod-find.sh
+++ b/tests/run-debuginfod-find.sh
@@ -176,6 +176,10 @@ testrun ${abs_builddir}/debuginfod_build_id_find -e F/prog 1
rm -rf $DEBUGINFOD_CACHE_PATH # clean it from previous tests
filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID`
cmp $filename F/prog.debug
+if [ -w $filename ]; then
+ echo "cache file writable, boo"
+ exit 1
+fi
filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find executable F/prog`
cmp $filename F/prog
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: PATCH: PR27571: debuginfod client, cache file permissions
2021-04-26 16:22 PATCH: PR27571: debuginfod client, cache file permissions Frank Ch. Eigler
@ 2021-05-01 18:14 ` Mark Wielaard
0 siblings, 0 replies; 2+ messages in thread
From: Mark Wielaard @ 2021-05-01 18:14 UTC (permalink / raw)
To: Frank Ch. Eigler, elfutils-devel
Hi Frank,
On Mon, 2021-04-26 at 12:22 -0400, Frank Ch. Eigler via Elfutils-devel wrote:
> Author: Frank Ch. Eigler <fche@redhat.com>
> Date: Mon Apr 26 12:21:03 2021 -0400
>
> PR27571: debuginfod client cache - file permissions
>
> Files in the download cache should be read-only.
>
> Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
>
> diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
> index 9af641ec0e13..3909100903cb 100644
> --- a/debuginfod/ChangeLog
> +++ b/debuginfod/ChangeLog
> @@ -1,3 +1,9 @@
> +2021-04-26 Frank Ch. Eigler <fche@redhat.com>
> +
> + PR27571
> + * debuginfod-client.c (debuginfod_query_server): Chmod 0400 files
> + delivered into the cache to prevent accidental modification.
Yes, sounds like a good idea.
Thanks,
Mark
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-05-01 18:14 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-26 16:22 PATCH: PR27571: debuginfod client, cache file permissions Frank Ch. Eigler
2021-05-01 18:14 ` Mark Wielaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).