[Ace-users] [tao-users] Default file mode when creating (the "-o" IFR option in particular)

Johnny Willemsen jwillemsen at remedy.nl
Thu Feb 28 09:43:37 CST 2008


Hi,

Isn't it better to use ACE_DEFAULT_FILE_PERMS as the flag? That is 644 by
default. Also NULL is not portable and shouldn't be used. Can you rework the
patch to make it more of an ACE patch?

Johnny

"Jules Colding" <colding at 42tools.com> wrote in message
news:<mailman.3783.1204210788.5286.tao-users at mail.cse.wustl.edu>...
> Hi,
> 
> I'm using ACE and TAO x.6.2 to build Lorica(*) which is our IIOP  
> Firewall project. It makes use of the IFR and will hand the "-o"  
> option to it so that the IFR IOR gets written out to file.
> 
> Unfortunately this file is created with mode 666. This makes it  
> possible for a malicious user to edit the IOR file and hijack future  
> IFR sessions.
> 
> The file should obviously be created with mode 644. The attached patch  
> naively fixes this but I think that we might need to look at how files  
> are created throughout ACE and TAO to ensure that none are world  
> writable.
> 
> BTW, the patch is very traditional C'ish, sorry about that...
> 
> Thoughts?
> 
> 
> Best regards,
>    jules
> 
> 
> *)
> http://www.42tools.com/sites/default/files/downloads/dist/lorica/SOURCES/lorica-0.9.2.tar.gz
> 
> 
> 
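
The file-mode problem discussed in this thread, as an added example: it is not the patch attached to the original message and not ACE or TAO code. It assumes a POSIX system and that the IOR file is written stdio-style; the function names, the file name and the IOR string are hypothetical. It contrasts an fopen() write with one that creates the file 0644 and also strips group/other write from a file left behind by an earlier run.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* fopen() creates the file with mode 0666 masked by the process umask. */
static int write_ior_fopen(const char *path, const char *ior)
{
    FILE *f = fopen(path, "w");
    if (f == NULL) return -1;
    int rc = (fputs(ior, f) == EOF) ? -1 : 0;
    return (fclose(f) != 0) ? -1 : rc;
}

/* Create with 0644, then strip group/other write: a file left over from
   an earlier run keeps its old mode when it is merely reopened. */
static int write_ior_restricted(const char *path, const char *ior)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 ||
        fchmod(fd, st.st_mode & 0777 & ~(S_IWGRP | S_IWOTH)) != 0) {
        close(fd);              /* fail closed, e.g. file owned by someone else */
        return -1;
    }
    ssize_t n = write(fd, ior, strlen(ior));
    return (close(fd) != 0 || n != (ssize_t)strlen(ior)) ? -1 : 0;
}

/* Permission bits of path, or -1 if it cannot be stat()ed. */
static int file_mode(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
    const char *path = "ifr_demo.ior";            /* hypothetical file name */
    const char *ior = "IOR:constructed-sample\n"; /* constructed, not a real IOR */
    umask(0);                                     /* expose the unmasked default */
    unlink(path);
    write_ior_fopen(path, ior);
    printf("fopen():    %04o\n", (unsigned)file_mode(path));
    write_ior_restricted(path, ior);              /* reopens the 0666 file */
    printf("restricted: %04o\n", (unsigned)file_mode(path));
    return unlink(path);
}
```

A stricter umask is still honoured by the second function: with umask 077 a new file comes out 0600, because the code only ever removes write bits.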


