[Ace-users] [tao-users] Default file mode when creating (the "-o" IFR option in particular)

[Jeff Parsons]

Hi,

Regardless, I'm close to checking in changes that will create the
file with ACE_DEFAULT_FILE_PERMS.

Jeff 

> -----Original Message-----
> From: tao-users-bounces at cse.wustl.edu 
> [mailto:tao-users-bounces at cse.wustl.edu] On Behalf Of Milan Cvetkovic
> Sent: Thursday, February 28, 2008 12:57 PM
> To: Jules Colding
> Cc: TAO users
> Subject: Re: [tao-users] Default file mode when creating (the 
> "-o" IFR option in particular)
> 
> Jules Colding wrote:
> > Hi,
> > 
> > I'm using ACE and TAO x.6.2 to build Lorica(*) which is our IIOP 
> > Firewall project. It makes use of the IFR and will hand the 
> "-o"  option
> > to it so that the IFR IOR gets written out to file.
> > 
> > Unfortunately this file is created with mode 666. This makes it 
> > possible for a malicious user to edit the IOR file and 
> highjack future 
> > IFR sessions.
> > 
> > The file should obviously be created with mode 644. The 
> attached patch 
> > naively fixes this but I think that we might need to look 
> at how files 
> > are created throughout ACE and TAO to ensure that none are 
> world  writable.
> > 
> > BTW, the patch is very traditional C'ish, sorry about that...
> > 
> > Thoughts?
> 
> Maybe your umask is set wrong.
> Try creating a file from shell:
> $ touch myfile
> $ ls -l myfile
> 
> > 
> > 
> > Best regards,
> >   jules
> > 
> > 
> > *)
> > 
> http://www.42tools.com/sites/default/files/downloads/dist/lori
> ca/SOURCES/lorica-0.9.2.tar.gz
> > 
> > 
> > 
> > 
> > 
> > 
> --------------------------------------------------------------
> ----------
> > 
> > _______________________________________________
> > tao-users mailing list
> > tao-users at mail.cse.wustl.edu
> > http://mail.cse.wustl.edu/mailman/listinfo/tao-users
> 
> _______________________________________________
> tao-users mailing list
> tao-users at mail.cse.wustl.edu
> http://mail.cse.wustl.edu/mailman/listinfo/tao-users
>