From e6b769819d63d2b24b251dbc9f902fe6fd614da3 Mon Sep 17 00:00:00 2001 From: Ondrej Holy Date: Thu, 23 May 2019 10:41:53 +0200 Subject: gfile: Limit access to files when copying file_copy_fallback creates new files with default permissions and set the correct permissions after the operation is finished. This might cause that the files can be accessible by more users during the operation than expected. Use G_FILE_CREATE_PRIVATE for the new files to limit access to those files. CVE: CVE-2019-12450 Upstream-Status: Backport Signed-off-by: Adrian Bunk --- gio/gfile.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/gio/gfile.c b/gio/gfile.c index 1cc69166a..13b435480 100644 --- a/gio/gfile.c +++ b/gio/gfile.c @@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), FALSE, NULL, flags & G_FILE_COPY_BACKUP, - G_FILE_CREATE_REPLACE_DESTINATION, - info, + G_FILE_CREATE_REPLACE_DESTINATION | + G_FILE_CREATE_PRIVATE, info, cancellable, error); else out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), - FALSE, 0, info, + FALSE, G_FILE_CREATE_PRIVATE, info, cancellable, error); } else if (flags & G_FILE_COPY_OVERWRITE) @@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, out = (GOutputStream *)g_file_replace (destination, NULL, flags & G_FILE_COPY_BACKUP, - G_FILE_CREATE_REPLACE_DESTINATION, + G_FILE_CREATE_REPLACE_DESTINATION | + G_FILE_CREATE_PRIVATE, cancellable, error); } else { - out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); + out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); } if (!out) -- 2.20.1