alpine 3.6
access weakness #231

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:

swish-e/src/swish-e-2.4.7/src/file.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

 
    if ( tmpdir )
        file_name_len += strlen( tmpdir ) + 1;  // for path separator

 

    file_name = emalloc( file_name_len + 1 );

    *file_name = '\0';

    if ( tmpdir )
    {
        strcat( file_name, tmpdir );
        normalize_path( file_name );
        strcat( file_name, "/" );
    }

    strcat( file_name, TEMP_FILE_PREFIX );
    
    if ( prefix )
        strcat( file_name, prefix );

    strcat( file_name, temp_file_template );
        
    old_mode = umask(077);  /* Create file with restrictive permissions */

    temp_fd = mkstemp( file_name );

    (void) umask(old_mode);

    if (temp_fd == -1)
        progerrno("Couldn't open temporary file '%s': ", file_name );

    if (!(temp_file = fdopen(temp_fd, f_mode)))
        progerrno("Couldn't create temporary file '%s' file descriptor: ", file_name);

    if ( remove_file_name )
    {
        if ( remove( file_name ) == -1 )
            progerrno("Couldn't unlink temporary file '%s' :", file_name);

        efree( file_name );            
    }
    else
        *file_name_buffer = file_name;

        
    return temp_file;
}
 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.