1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
|
Author: Elmar Pruesse <elmar@pruesse.net>
Last-Update: Tue, 02 Sep 2014 15:15:06 +0200
Description: backported security fix
Origin: upstream, http://bugs.arb-home.de/changeset/12794
--- a/SH/arb_launcher
+++ b/SH/arb_launcher
@@ -296,7 +296,7 @@ create_pipe_reader() {
trap "term_handler $NAMED_PIPE" TERM
trap "rm -f $NAMED_PIPE" EXIT
- { mkfifo $NAMED_PIPE && listen_pipe $NAMED_PIPE ; } || \
+ { mkfifo -m 600 $NAMED_PIPE && listen_pipe $NAMED_PIPE ; } || \
{ echo "Error creating pipe '$NAMED_PIPE'" ; kill $PARENT_PID ; }
debug "Pipe reader for '$NAMED_PIPE' terminates.."
@@ -325,8 +325,9 @@ wait_for_pipe() {
}
get_pipe_name() {
- local SOCKETDIR=$HOME/.arb_tmp/sockets
- mkdir -p $SOCKETDIR
+ local SOCKETDIR="$HOME/.arb_tmp/sockets"
+ mkdir -p "$SOCKETDIR"
+ chmod 0700 "$SOCKETDIR"
echo "$SOCKETDIR/arb_launcher.$ARB_PID"
# instead of the above code, use the following to test a pipe-creation failure:
|