diff options
| author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-01-23 06:06:47 +0000 |
|---|---|---|
| committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-01-23 06:06:47 +0000 |
| commit | 1fae154c07b957278fd336b54256d5c57f21e0d5 (patch) | |
| tree | 6a1aab276535839e78c22d1e8729b0007813d8c2 | |
| parent | 05c3256b2883000aab033737ef121a96b8009b81 (diff) | |
tmpdir.rb: permission of user given directory
* lib/tmpdir.rb (Dir.mktmpdir): check if the permission of the
parent directory only when using the default temporary
directory, and no check against user given directory. the
security is the user's responsibility in that case.
[ruby-core:91216] [Bug #15555]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66909 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | lib/tmpdir.rb | 17 | ||||
| -rw-r--r-- | test/test_tmpdir.rb | 6 |
2 files changed, 18 insertions, 5 deletions
diff --git a/lib/tmpdir.rb b/lib/tmpdir.rb index 7c0ce3a7f0..87e53a83be 100644 --- a/lib/tmpdir.rb +++ b/lib/tmpdir.rb @@ -83,14 +83,20 @@ class Dir # end # def self.mktmpdir(prefix_suffix=nil, *rest) - path = Tmpname.create(prefix_suffix || "d", *rest) {|n| mkdir(n, 0700)} + base = nil + path = Tmpname.create(prefix_suffix || "d", *rest) {|path, _, _, d| + base = d + mkdir(path, 0700) + } if block_given? begin yield path ensure - stat = File.stat(File.dirname(path)) - if stat.world_writable? and !stat.sticky? - raise ArgumentError, "parent directory is world writable but not sticky" + unless base + stat = File.stat(File.dirname(path)) + if stat.world_writable? and !stat.sticky? + raise ArgumentError, "parent directory is world writable but not sticky" + end end FileUtils.remove_entry path end @@ -110,6 +116,7 @@ class Dir if $SAFE > 0 and tmpdir.tainted? tmpdir = '/tmp' else + origdir = tmpdir tmpdir ||= tmpdir() end n = nil @@ -125,7 +132,7 @@ class Dir path = "#{prefix}#{t}-#{$$}-#{rand(0x100000000).to_s(36)}"\ "#{n ? %[-#{n}] : ''}#{suffix||''}" path = File.join(tmpdir, path) - yield(path, n, opts) + yield(path, n, opts, origdir) rescue Errno::EEXIST n ||= 0 n += 1 diff --git a/test/test_tmpdir.rb b/test/test_tmpdir.rb index eba94056e4..1e633d233b 100644 --- a/test/test_tmpdir.rb +++ b/test/test_tmpdir.rb @@ -33,6 +33,12 @@ class TestTmpdir < Test::Unit::TestCase assert_equal(tmpdir, Dir.tmpdir) File.chmod(0777, tmpdir) assert_not_equal(tmpdir, Dir.tmpdir) + newdir = Dir.mktmpdir("d", tmpdir) do |dir| + assert_file.directory? dir + assert_equal(tmpdir, File.dirname(dir)) + dir + end + assert_file.not_exist?(newdir) File.chmod(01777, tmpdir) assert_equal(tmpdir, Dir.tmpdir) ensure |