| From: Ondrej Holy <oholy@redhat.com> |
| Date: Thu, 23 May 2019 10:41:53 +0200 |
| Subject: gfile: Limit access to files when copying |
| |
| file_copy_fallback creates new files with default permissions and |
| set the correct permissions after the operation is finished. This |
| might cause that the files can be accessible by more users during |
| the operation than expected. Use G_FILE_CREATE_PRIVATE for the new |
| files to limit access to those files. |
| |
| Bug: https://gitlab.gnome.org/GNOME/glib/merge_requests/876 |
| Bug-CVE: CVE-2019-12450 |
| Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929753 |
| Origin: upstream, 2.61.1, commit:d8f8f4d637ce43f8699ba94c9b7648beda0ca174 |
| --- |
| gio/gfile.c | 11 ++++++----- |
| 1 file changed, 6 insertions(+), 5 deletions(-) |
| |
| diff --git a/gio/gfile.c b/gio/gfile.c |
| index a5709a4..e017ee1 100644 |
| --- a/gio/gfile.c |
| +++ b/gio/gfile.c |
| @@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, |
| out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), |
| FALSE, NULL, |
| flags & G_FILE_COPY_BACKUP, |
| - G_FILE_CREATE_REPLACE_DESTINATION, |
| - info, |
| + G_FILE_CREATE_REPLACE_DESTINATION | |
| + G_FILE_CREATE_PRIVATE, info, |
| cancellable, error); |
| else |
| out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), |
| - FALSE, 0, info, |
| + FALSE, G_FILE_CREATE_PRIVATE, info, |
| cancellable, error); |
| } |
| else if (flags & G_FILE_COPY_OVERWRITE) |
| @@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, |
| out = (GOutputStream *)g_file_replace (destination, |
| NULL, |
| flags & G_FILE_COPY_BACKUP, |
| - G_FILE_CREATE_REPLACE_DESTINATION, |
| + G_FILE_CREATE_REPLACE_DESTINATION | |
| + G_FILE_CREATE_PRIVATE, |
| cancellable, error); |
| } |
| else |
| { |
| - out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); |
| + out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); |
| } |
| |
| if (!out) |