Philip Martin <philip@codematters.co.uk> wrote on 02/23/2006 02:35:31 PM:
> Paul Burba <paulb@softlanding.com> writes:
>
> > + apr_status_t apr_err;
> > + if (flag & APR_CREATE)
> > + {
> > + /* If we are trying to create a file on OS400 ensure it's CCSID
is
> > + * 1208. */
> > + apr_err = apr_file_open(f, fname, flag & ~APR_BINARY, perm,
pool);
> > +
> > + if (!apr_err)
> > + apr_file_close(*f);
> > + else
> > + return apr_err;
> > +
> > + /* Unset APR_EXCL before the next call to apr_file_open()
doesn't
> > + * return an error. */
> > + flag &= ~APR_EXCL;
> > + }
> > +#endif /* AS400 */
> > + return apr_file_open(f, fname, flag, perm, pool);
> > +}
>
> I'm happy for this to be committed.
>
> I'll just point out that it does introduce a race on AS400, one that's
> not present elsewhere. I don't think this will affect "normal"
> operation of the client or the server, but it might allow malicious
> attacks. During the interval between the close and the second open an
> APR_CREATE|APR_EXCL file could get replaced.
I think we'll just have to live with this risk on OS400, or rather I
should say I don't see any way to avoid it.
> I don't know much about
> AS400, does it have symlinks?
Yes it does.
> If so then it's vulnerable to a symlink
> race. Does it allow open files to be deleted?
Yes.
> If so that increases
> the duration of the race.
>
> --
> Philip Martin
_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. and SoftLanding Europe Plc by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Feb 23 22:35:47 2006