randy 96/12/30 18:29:02
Modified: src CHANGES http_main.c Log: Close possible race condition in accept_mutex_init() with O_EXCL flag. Reviewed by: Randy Terbush, Chuck Murcko Submitted by: Marc Slemko Revision Changes Path 1.108 +5 -0 apache/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.107 retrieving revision 1.108 diff -C3 -r1.107 -r1.108 *** CHANGES 1996/12/28 18:17:15 1.107 --- CHANGES 1996/12/31 02:28:59 1.108 *************** *** 1,5 **** --- 1,10 ---- Changes with Apache 1.2b4: + *) Fix possible race condition in accept_mutex_init() that + could leave a small security hole open allowing files to be + overwritten in cases where the server UID has write permissions. + [Marc Slemko] + *) Fix awk compatibilty problem in Configure. *) Fix portablity problem in util_script where ARG_MAX may not be 1.100 +2 -2 apache/src/http_main.c Index: http_main.c =================================================================== RCS file: /export/home/cvs/apache/src/http_main.c,v retrieving revision 1.99 retrieving revision 1.100 diff -C3 -r1.99 -r1.100 *** http_main.c 1996/12/28 00:09:10 1.99 --- http_main.c 1996/12/31 02:29:00 1.100 *************** *** 207,213 **** exit (1); } ! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644); if (lock_fd == -1) { perror ("open"); --- 207,213 ---- exit (1); } ! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644); if (lock_fd == -1) { perror ("open"); *************** *** 261,267 **** exit (1); } ! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644); if (lock_fd == -1) { perror ("open"); --- 261,267 ---- exit (1); } ! lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644); if (lock_fd == -1) { perror ("open");