randy 96/12/30 18:29:02
Modified: src CHANGES http_main.c
Log:
Close possible race condition in accept_mutex_init() with O_EXCL
flag.
Reviewed by: Randy Terbush, Chuck Murcko
Submitted by: Marc Slemko
Revision Changes Path
1.108 +5 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.107
retrieving revision 1.108
diff -C3 -r1.107 -r1.108
*** CHANGES 1996/12/28 18:17:15 1.107
--- CHANGES 1996/12/31 02:28:59 1.108
***************
*** 1,5 ****
--- 1,10 ----
Changes with Apache 1.2b4:
+ *) Fix possible race condition in accept_mutex_init() that
+ could leave a small security hole open allowing files to be
+ overwritten in cases where the server UID has write permissions.
+ [Marc Slemko]
+
*) Fix awk compatibilty problem in Configure.
*) Fix portablity problem in util_script where ARG_MAX may not be
1.100 +2 -2 apache/src/http_main.c
Index: http_main.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_main.c,v
retrieving revision 1.99
retrieving revision 1.100
diff -C3 -r1.99 -r1.100
*** http_main.c 1996/12/28 00:09:10 1.99
--- http_main.c 1996/12/31 02:29:00 1.100
***************
*** 207,213 ****
exit (1);
}
! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644);
if (lock_fd == -1)
{
perror ("open");
--- 207,213 ----
exit (1);
}
! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
if (lock_fd == -1)
{
perror ("open");
***************
*** 261,267 ****
exit (1);
}
! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644);
if (lock_fd == -1)
{
perror ("open");
--- 261,267 ----
exit (1);
}
! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
if (lock_fd == -1)
{
perror ("open");
