[Ace-users] [tao-users] Default file mode when creating (the "-o" IFR option inparticular)

Jeff Parsons j.parsons at vanderbilt.edu
Thu Feb 28 13:24:44 CST 2008 

Hi, 

> -----Original Message-----
> From: schmidt at dre.vanderbilt.edu [mailto:schmidt at dre.vanderbilt.edu] 
> Sent: Thursday, February 28, 2008 9:58 AM
> To: Johnny Willemsen; Jeff Parsons
> Cc: colding at 42tools.com; tao-users at cs.wustl.edu
> Subject: Re: [tao-users] Default file mode when creating (the 
> "-o" IFR option inparticular) 
> 
> 
> Hi Folks,
> 
>    We should definitely use ACE_DEFAULT_FILE_PERMs.  Jeff, can you
>    please update this stuff when you have a chance?

Fixed.

Jeff

>    
>    Thanks,
>    
>    Doug
> 
> > Isn't it better to use ACE_DEFAULT_FILE_PERMS as flag? That 
> is 644 by
> > default. Also NULL is not portable and shouldn't be used. 
> Can you rework the
> > patch to make it more an ACE patch?
> > 
> > Johnny
> > 
> > "Jules Colding" <colding at 42tools.com> wrote in message
> > news:<mailman.3783.1204210788.5286.tao-users at mail.cse.wustl.edu>...
> > > Hi,
> > > 
> > > I'm using ACE and TAO x.6.2 to build Lorica(*) which is our IIOP  
> > > Firewall project. It makes use of the IFR and will hand the "-o"  
> > > option to it so that the IFR IOR gets written out to file.
> > > 
> > > Unfortunately this file is created with mode 666. This makes it  
> > > possible for a malicious user to edit the IOR file and 
> highjack future  
> > > IFR sessions.
> > > 
> > > The file should obviously be created with mode 644. The 
> attached patch  
> > > naively fixes this but I think that we might need to look 
> at how files  
> > > are created throughout ACE and TAO to ensure that none are world  
> > > writable.
> > > 
> > > BTW, the patch is very traditional C'ish, sorry about that...
> > > 
> > > Thoughts?
> > > 
> > > 
> > > Best regards,
> > >    jules
> > > 
> > > 
> > > *)
> > 
> http://www.42tools.com/sites/default/files/downloads/dist/lori
> ca/SOURCES/lor
> > ica-0.9.2.tar.gz
> > > 
> > > 
> > > 
> > 
> > _______________________________________________
> > tao-users mailing list
> > tao-users at mail.cse.wustl.edu
> > http://mail.cse.wustl.edu/mailman/listinfo/tao-users
>

More information about the Ace-users mailing list