[[email protected]: [Full-disclosure] [ZH2005-02SA] Insecure tmp file creation in Wine]
Alexandre Julliard
julliard at winehq.org
Mon Mar 14 11:22:29 CST 2005
Marcus Meissner <meissner at suse.de> writes:
> --- server/registry.c 10 Mar 2005 11:18:31 -0000 1.63
> +++ server/registry.c 14 Mar 2005 16:38:54 -0000
> @@ -1610,7 +1610,7 @@
> for (;;)
> {
> sprintf( p, "reg%lx%04x.tmp", (long) getpid(), count++ );
> - if ((fd = open( tmp, O_CREAT | O_EXCL | O_WRONLY, 0666 )) != -1) break;
> + if ((fd = open( tmp, O_CREAT | O_EXCL | O_WRONLY, 0600 )) != -1) break;
That one is not in /tmp, it's in the user's home directory.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list