httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@hyperreal.com>
Subject cvs commit: apache/src CHANGES http_main.c
Date Tue, 31 Dec 1996 02:29:02 GMT
randy       96/12/30 18:29:02

  Modified:    src       CHANGES http_main.c
  Log:
  Close possible race condition in accept_mutex_init() with O_EXCL
  flag.
  Reviewed by:	Randy Terbush, Chuck Murcko
  Submitted by:	Marc Slemko
  
  Revision  Changes    Path
  1.108     +5 -0      apache/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apache/src/CHANGES,v
  retrieving revision 1.107
  retrieving revision 1.108
  diff -C3 -r1.107 -r1.108
  *** CHANGES	1996/12/28 18:17:15	1.107
  --- CHANGES	1996/12/31 02:28:59	1.108
  ***************
  *** 1,5 ****
  --- 1,10 ----
    Changes with Apache 1.2b4:
    
  +   *) Fix possible race condition in accept_mutex_init() that
  +      could leave a small security hole open allowing files to be
  +      overwritten in cases where the server UID has write permissions.
  +      [Marc Slemko]
  + 
      *) Fix awk compatibilty problem in Configure.
    
      *) Fix portablity problem in util_script where ARG_MAX may not be
  
  
  
  1.100     +2 -2      apache/src/http_main.c
  
  Index: http_main.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_main.c,v
  retrieving revision 1.99
  retrieving revision 1.100
  diff -C3 -r1.99 -r1.100
  *** http_main.c	1996/12/28 00:09:10	1.99
  --- http_main.c	1996/12/31 02:29:00	1.100
  ***************
  *** 207,213 ****
    	exit (1);
        }
    
  !     lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644);
        if (lock_fd == -1)
        {
    	perror ("open");
  --- 207,213 ----
    	exit (1);
        }
    
  !     lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
        if (lock_fd == -1)
        {
    	perror ("open");
  ***************
  *** 261,267 ****
    	exit (1);
        }
    
  !     lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0644);
        if (lock_fd == -1)
        {
    	perror ("open");
  --- 261,267 ----
    	exit (1);
        }
    
  !     lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
        if (lock_fd == -1)
        {
    	perror ("open");
  
  
  

Mime
View raw message