severity 375534 minor
retitle 375534 vorbisinfo should warn before replacing non-writable files
tags 375534 - security
thanks robot

This is not a (security) bug but normal behaviour. Let me explain what
happens. To follow, please run the following two commands:
ls -ld $PWD
strace vorbiscomment -a -t 'baz=foo' your.ogg > bazlog 2>&1

(Please replace your.ogg by a test ogg file with the same permissions
as in your last case!)

First: You should see that you are allowed to write to the current
directory. Now if you look at "bazlog" you find the following entries:
open("your.ogg", O_RDONLY)  = 3
open("your.ogg.vctemp", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 4

So your original file is opened for reading, and a new one is opened
for writing.

In the next lines your file is copied (with a modified vorbis comment)
from the first (original) file to the new version. Now near the end of
bazlog you see:
close(3)                                = 0
...
close(4)                                = 0
...
rename("your.ogg.vctemp", "your.ogg") = 0

So first the original file is closed, next the copy is closed, and
finally the copy overwrites the original (run "man 2 rename" for 
details). Since you have write permission in the directory, the files
may be deleted. See your favourite Unix guide in the section of file
and directory permissions.

To the maintainer:
It might be wise to not blindly rely on the unix permissions per se,
as a user might expect an in-place edit (and only look at the
permission). This is supported in the man page of vorbiscomment:

    -a     Append comments.

Maybe vorbisinfo should emit a warning if a file is not available for
writing. Otherwise please improve the man page to avoid this illusion.

Greetings

             Helge


-- 
      Dr. Helge Kreutzmann                     [EMAIL PROTECTED]
           Dipl.-Phys.                   http://www.helgefjell.de/debian.php
        64bit GNU powered                     gpg signed mail preferred
           Help keep free software "libre": http://www.ffii.de/
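As an added illustration that is not code from the report or from vorbis-tools, here is the copy-then-rename sequence traced above next to the pre-flight check suggested to the maintainer; the function names are hypothetical, and the permission check reads mode bits only (no ACLs, no root override), i.e. the listing the user is assumed to look at:

```python
import os
import shutil
import stat
import tempfile

def mode_allows_write(path):
    """True if the bits shown by `ls -l` grant the current user write access.
    Ignores the root override and ACLs on purpose: it models the listing a user reads."""
    st = os.stat(path)
    if st.st_uid == os.geteuid():
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid == os.getegid() or st.st_gid in os.getgroups():
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def rewrite_via_temp(path, new_data):
    """Mimic the traced vorbiscomment sequence: read the original, write the edited
    copy to <path>.vctemp, rename() it over the original (needs only directory write)."""
    tmp = path + ".vctemp"
    with open(path, "rb") as src:      # open("your.ogg", O_RDONLY)
        src.read()                     # the real tool copies the Ogg pages here
    with open(tmp, "wb") as dst:       # open("your.ogg.vctemp", O_WRONLY|O_CREAT|O_TRUNC, 0666)
        dst.write(new_data)
    os.rename(tmp, path)               # rename("your.ogg.vctemp", "your.ogg")

def rewrite_checked(path, new_data):
    """Suggested behaviour: refuse when the file itself is not writable."""
    if not mode_allows_write(path):
        raise PermissionError(f"{path}: not writable, refusing to replace it")
    rewrite_via_temp(path, new_data)

def demo():
    """Constructed case: read-only file in a writable directory -> (refused, replaced)."""
    d = tempfile.mkdtemp()
    try:
        p = os.path.join(d, "your.ogg")      # sample file, not a real Ogg stream
        with open(p, "wb") as f:
            f.write(b"original")
        os.chmod(p, 0o444)                   # -r--r--r--
        try:
            rewrite_checked(p, b"edited")
            refused = False
        except PermissionError:
            refused = True
        rewrite_via_temp(p, b"edited")       # succeeds despite mode 0444
        with open(p, "rb") as f:
            replaced = f.read() == b"edited"
        return refused, replaced
    finally:
        shutil.rmtree(d)
```

Running `demo()` shows the checked variant refusing while the naive variant still replaces the 0444 file, which is exactly the behaviour the strace output above documents.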
