[18166] in bugtraq
Re: J-Pilot Permissions Vulnerability
daemon@ATHENA.MIT.EDU (Christopher Palmer)
Tue Dec 19 15:46:04 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20001218161209.A23378@bitstream.net>
Date: Mon, 18 Dec 2000 16:12:09 -0600
Reply-To: Christopher Palmer <chrisp@BITSTREAM.NET>
From: Christopher Palmer <chrisp@BITSTREAM.NET>
X-To: Rich Lafferty <rich@ALCOR.CONCORDIA.CA>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20001215184822.B23213@alcor.concordia.ca>; from
rich@ALCOR.CONCORDIA.CA on Fri, Dec 15, 2000 at 06:48:22PM -0500
On Fri, Dec 15, 2000 at 06:48:22PM -0500, Rich Lafferty wrote:
> Isn't that *expected* behavior? umask is used to set the default
> permission bits for file creation, and J-Pilot creates files with the
> permissions you specify in your umask. If you don't want new files created
> group-writeable, then set your umask so they're not!
J-Pilot may be doing what the user asks for, as you say, even if the user
doesn't know she's asking for this bad behavior. (I call it `bad' because I
doubt you can find a user anywhere that wants their grocery list
world-readable or whatever.) I'm a fairly experienced UNIX user, and this
bug bit me, too--I never expected J-Pilot to make my stuff anything other
than 600. The problem is that even if a user knows about the situation, they
don't necessarily want to go changing their umask everytime they launch and
quit from J-Pilot--so you've got inconvenience butting heads with security,
as ever.
The simple solution in this case is for J-Pilot to write files in mode 600,
as probably every user everywhere will want. I could write a very simple
wrapper to make J-Pilot have the right umask, but why should security be for
only those in the know?
--
Christopher Palmer
Bitstream Underground
