From f659b39ab985d28e4b6618a1146ca8569abac253 Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Fri, 23 May 2008 10:07:44 -0300 Subject: Apply patch to avoid truncating of arbitrary files. Thanks to Bryan Donlan for the patch. Closes: #482476 --- apt-pkg/contrib/fileutl.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'apt-pkg') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 2b7e25080..a5976cf3a 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -138,7 +138,9 @@ bool CopyFile(FileFd &From,FileFd &To) close at some time. */ int GetLock(string File,bool Errors) { - int FD = open(File.c_str(),O_RDWR | O_CREAT | O_TRUNC,0640); + // GetLock() is used in aptitude on directories with public-write access + // Use O_NOFOLLOW here to prevent symlink traversal attacks + int FD = open(File.c_str(),O_RDWR | O_CREAT | O_NOFOLLOW,0640); if (FD < 0) { // Read only .. cant have locking problems there. -- cgit v1.2.3