Skip to content
Snippets Groups Projects
Commit 3d29520b authored by Olav Morken's avatar Olav Morken
Browse files

Utilities::getTempDir: Make sure that the temporary directory is owned by the current user.

This fixes a potential situation where another user creates the
temporary before simpleSAMLphp attempts to create it. Anther user
creating the directory could make simpleSAMLphp overwrite arbitrary
files on the system.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2081 44740490-163a-0410-bde0-09ae8108e29a
parent 74f16821
No related branches found
No related tags found
No related merge requests found
...@@ -2074,6 +2074,14 @@ class SimpleSAML_Utilities { ...@@ -2074,6 +2074,14 @@ class SimpleSAML_Utilities {
throw new SimpleSAML_Error_Exception('Error creating temp dir ' . throw new SimpleSAML_Error_Exception('Error creating temp dir ' .
var_export($tempDir, TRUE) . ': ' . SimpleSAML_Utilities::getLastError()); var_export($tempDir, TRUE) . ': ' . SimpleSAML_Utilities::getLastError());
} }
} elseif (function_exists('posix_getuid')) {
/* Check that the owner of the temp diretory is the current user. */
$stat = lstat($tempDir);
if ($stat['uid'] !== posix_getuid()) {
throw new SimpleSAML_Error_Exception('Temp directory (' . var_export($tempDir, TRUE) .
') not owned by current user.');
}
} }
return $tempDir; return $tempDir;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment