Bug #1072
exposed IpcChannel is world-writable
| Status: | Closed | Start: | 07/01/2015 | |
| Priority: | Urgent | Due date: | ||
| Assigned to: |  Mirco Bauer |
% Done: | 100% |
|
| Category: | Frontend GNOME | |||
| Target version: | 1.0 | |||
| Complexity: | Medium |
Found in Version: | ||
| Votes: | 0 |
Description
srw-rw-rw- 1 mirco.bauer mirco.bauer 0 2015-06-22 11:30 _usr_lib_smuxi_smuxi-frontend-gnome.exe
This is problematic for systems with multiple users, as the other users can control the Smuxi instance of the first user.
Associated revisions
Revision 709af0de6cdd439c307aeb359c7a309e2eede50e
Frontend-GNOME: ensure rendezvous point for IPC is private (closes: #1072)
History
Updated by Mirco Bauer 3430 days ago
internal static string BuildPathFromPortName (string portName)
{
if (!Win32.IpcChannelHelper.IsValidPipeName (portName))
throw new RemotingException ("Invalid IPC port name");
return Path.Combine (Path.GetTempPath (), portName);
}
Updated by Mirco Bauer 3430 days ago
listener = new UnixListener (path);
Mono.Unix.Native.Syscall.chmod (path,
Mono.Unix.Native.FilePermissions.S_IRUSR |
Mono.Unix.Native.FilePermissions.S_IWUSR |
Mono.Unix.Native.FilePermissions.S_IRGRP |
Mono.Unix.Native.FilePermissions.S_IWGRP |
Mono.Unix.Native.FilePermissions.S_IROTH |
Mono.Unix.Native.FilePermissions.S_IWOTH);
Updated by Mirco Bauer 3430 days ago
from ./mcs/class/System.Runtime.Remoting/System.Runtime.Remoting.Channels.Ipc.Unix/README:
System.Runtime.Remoting.Channels.Ipc.Unix ========================================= *.Ipc.Unix is a wrapper for Mono.Remoting.Channels.Unix. The Unix channels are loaded via reflection. The wrapper is performing the following mappings: IPC UNIX -------------------------------------- portName="foo" path=$TEMP/foo ipc://foo/bar.rem unix://$TEMP/foo?/bar.rem
Updated by Mirco Bauer 3430 days ago
So Mono is creating a unix socket in /tmp, chmodded 666, named after the port name of the IPC channel. According to MSDN docs [0] it is supposed to be only accessible by the same user by default, that would be chmod 600 on Unix.
https://msdn.microsoft.com/en-us/library/ms172351(v=vs.80)Updated by Mirco Bauer 3418 days ago
Path.GetTempPath() -> [ICall] Path.get_temp_path() -> ves_icall_System_IO_get_temp_path() -> g_get_tmp_dir() of eglib [0] or glib [1]
https://github.com/mono/mono/blob/mono-3.2.8-branch/eglib/src/gmisc-win32.c#L146
https://developer.gnome.org/glib/stable/glib-Miscellaneous-Utility-Functions.html#g-get-tmp-dirSo the TMP, TMPDIR and TEMP environment variables influences the location of the chosen temp directory
Updated by Mirco Bauer 3417 days ago
- Status changed from New to Closed
- % Done changed from 0 to 100
Applied in changeset 709af0de6cdd439c307aeb359c7a309e2eede50e.