Utilities::getTempDir: Make sure that the temporary directory is owned by the current user.

This fixes a potential situation where another user creates the temporary before simpleSAMLphp attempts to create it. Anther user creating the directory could make simpleSAMLphp overwrite arbitrary files on the system. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2081 44740490-163a-0410-bde0-09ae8108e29a

Utilities::getTempDir: Make sure that the temporary directory is owned by the current user.
3d29520b · Olav Morken · 74f16821 · 3d29520b
Commit 3d29520b authored 15 years ago by Olav Morken
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -2074,6 +2074,14 @@ class SimpleSAML_Utilities {
 				throw new SimpleSAML_Error_Exception('Error creating temp dir ' .
 					var_export($tempDir, TRUE) . ': ' . SimpleSAML_Utilities::getLastError());
 			}
+		} elseif (function_exists('posix_getuid')) {
+			/* Check that the owner of the temp diretory is the current user. */
+			$stat = lstat($tempDir);
+			if ($stat['uid'] !== posix_getuid()) {
+				throw new SimpleSAML_Error_Exception('Temp directory (' . var_export($tempDir, TRUE) .
+					') not owned by current user.');
+			}
 		}
 		return $tempDir;