diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2011-12-29 12:44:31 -0800 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2011-12-29 12:44:31 -0800 |
| commit | 09450bae84788f9645716e17006e222adf1dec7f (patch) | |
| tree | 09f5edb41135a2382c22449cd3177ffa78d441dd | |
| parent | 2cae5ba432fc30042950c073b7ec7807bb98bcde (diff) | |
| download | emacs-09450bae84788f9645716e17006e222adf1dec7f.tar.gz emacs-09450bae84788f9645716e17006e222adf1dec7f.tar.bz2 emacs-09450bae84788f9645716e17006e222adf1dec7f.zip | |
emacs: fix an auto-save permissions race condition
* fileio.c (auto_saving_dir_umask): New static var.
(Fmake_directory_internal): Use it.
(do_auto_save_make_dir): Set it, instead of invoking chmod after
creating the directory. The old code temporarily assigns
too-generous permissions to the directory.
(do_auto_save_eh): Clear it.
(Fdo_auto_save): Catch all errrors, not just file errors, so
that the var is always cleared.
| -rw-r--r-- | src/ChangeLog | 12 | ||||
| -rw-r--r-- | src/fileio.c | 17 |
2 files changed, 23 insertions, 6 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index f10e2955164..6c0185b7386 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,15 @@ +2011-12-29 Paul Eggert <eggert@cs.ucla.edu> + + emacs: fix an auto-save permissions race condition + * fileio.c (auto_saving_dir_umask): New static var. + (Fmake_directory_internal): Use it. + (do_auto_save_make_dir): Set it, instead of invoking chmod after + creating the directory. The old code temporarily assigns + too-generous permissions to the directory. + (do_auto_save_eh): Clear it. + (Fdo_auto_save): Catch all errrors, not just file errors, so + that the var is always cleared. + 2011-12-28 Kenichi Handa <handa@m17n.org> * coding.c (Fdefine_coding_system_internal): Make an utf-8 base diff --git a/src/fileio.c b/src/fileio.c index 3306085491e..27ae8b82204 100644 --- a/src/fileio.c +++ b/src/fileio.c @@ -90,6 +90,9 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */ /* Nonzero during writing of auto-save files */ static int auto_saving; +/* Nonzero umask during creation of auto-save directories */ +static int auto_saving_dir_umask; + /* Set by auto_save_1 to mode of original file so Fwrite_region will create a new file with the same mode as the original */ static int auto_save_mode_bits; @@ -2062,7 +2065,7 @@ DEFUN ("make-directory-internal", Fmake_directory_internal, #ifdef WINDOWSNT if (mkdir (dir) != 0) #else - if (mkdir (dir, 0777) != 0) + if (mkdir (dir, 0777 & ~auto_saving_dir_umask) != 0) #endif report_file_error ("Creating directory", list1 (directory)); @@ -5205,16 +5208,18 @@ do_auto_save_unwind_1 (Lisp_Object value) /* used as unwind-protect function */ static Lisp_Object do_auto_save_make_dir (Lisp_Object dir) { - Lisp_Object mode; + Lisp_Object result; - call2 (Qmake_directory, dir, Qt); - XSETFASTINT (mode, 0700); - return Fset_file_modes (dir, mode); + auto_saving_dir_umask = 077; + result = call2 (Qmake_directory, dir, Qt); + auto_saving_dir_umask = 0; + return result; } static Lisp_Object do_auto_save_eh (Lisp_Object ignore) { + auto_saving_dir_umask = 0; return Qnil; } @@ -5282,7 +5287,7 @@ A non-nil CURRENT-ONLY argument means save only current buffer. */) dir = Ffile_name_directory (listfile); if (NILP (Ffile_directory_p (dir))) internal_condition_case_1 (do_auto_save_make_dir, - dir, Fcons (Fcons (Qfile_error, Qnil), Qnil), + dir, Qt, do_auto_save_eh); UNGCPRO; } |