[Kolab-devel] Re: stuart: devel/kolab/Kolab Templates.pm, 1.1.1.1, 1.2
Stuart Bingë
list at codefusion.co.za
Thu May 13 15:23:39 CEST 2004
On Thursday 13 May 2004 15:11, cvs at intevation.de wrote:
> Modified Files:
> Templates.pm
> Log Message:
> New file permission handling. This should fix the security vulnerabilities
> that we've been experiencing

This change allows you to specify the owner and uid/gid of the template file
in the metadata header. The new meta variables (mvars) are 'file_perms',
'file_uid' and 'file_gid'. file_perms defaults to 0644, whereas file_uid and
file_gid default to the 'kolab' user's uid/gid.

I've updated slapd.conf to utilise this new functionality - it now has
file_perms set to 0600.

I would appreciate it if someone who is familiar with these sorts of security
issues could look over my code and check if it's correct. Basically what I do is
as follows:

While substituting in all the @@@ variables I pipe the output to a temporary
file; once that's done I then copy the existing configuration file to a
backup file, and finally copy the temporary file as the new configuration
file.

With these 'destination' files (i.e. the temp file before I pipe the
substituted data, the backup file before I copy the existing config file, and
the existing config file before I copy the temp file over it), the way I've
implemented the permission scheme is basically this:

- Open & truncate the existing destination file, before any of the new data is
written
- Close the file
- Change the permissions of the file to whatever has been specified for it
- Reopen the file, or copy the existing file to the new file

My main assumption here is that when I re-open the destination file, or when I
copy the existing file to the destination file, the operation should then use
the new permissions. Is this correct? Does this work for what we want to do?

Regards,
--
Stuart Bingë
Code Fusion cc.
Office: +27 11 673 0411
Mobile: +27 83 298 9727
Email: s.binge at codefusion.co.za
Tailored email solutions; Kolab specialists.
http://www.codefusion.co.za/
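
The steps listed in the post, written out in Python rather than the project's Perl, beside a create-then-rename variant; this is an added example, not part of the original post or Kolab's code. The function names, the `.tmp` suffix and the sample file contents are assumptions, and `demo` goes slightly beyond the post by checking what a descriptor opened before the change can still read.

```python
import os
import stat
import tempfile

def write_in_place(path, data, mode):
    """The steps from the post: truncate, close, chmod, reopen, write."""
    open(path, "w").close()        # open & truncate; the inode is kept
    os.chmod(path, mode)           # the new mode applies to every later open()
    with open(path, "w") as fh:    # reopen: same inode, now with the new mode
        fh.write(data)

def write_via_rename(path, data, mode):
    """Variant: create a new file with the final mode, then rename over path."""
    tmp = path + ".tmp"            # hypothetical temp name
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    try:
        os.fchmod(fd, mode)        # the umask may have cleared bits at creation
        os.write(fd, data.encode())
        os.fsync(fd)
    except BaseException:
        os.unlink(tmp)             # do not leave a partial temp file behind
        raise
    finally:
        os.close(fd)
    os.replace(tmp, path)          # atomic; path now names a new inode

def demo(writer):
    """Return (final mode, what a descriptor opened beforehand reads)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "slapd.conf")
        with open(path, "w") as fh:
            fh.write("old contents\n")
        os.chmod(path, 0o644)      # constructed starting state
        early = os.open(path, os.O_RDONLY)   # opened while the mode was 0644
        try:
            writer(path, "rootpw secret\n", 0o600)   # constructed sample data
            final_mode = stat.S_IMODE(os.stat(path).st_mode)
            os.lseek(early, 0, os.SEEK_SET)
            seen = os.read(early, 100).decode()
        finally:
            os.close(early)
        return final_mode, seen
```

Permissions are checked when a file is opened, so in both variants any open() after the change is subject to the new mode. Only the rename variant leaves a descriptor that was opened earlier on the old inode with the old contents.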