diff options
author | Thierry Vignaud <tvignaud@mandriva.org> | 2004-12-23 18:17:32 +0000 |
---|---|---|
committer | Thierry Vignaud <tvignaud@mandriva.org> | 2004-12-23 18:17:32 +0000 |
commit | b15661de47693aef78d96e2c9d67ae907e3ffed9 (patch) | |
tree | 3093515393673a40ab4baeaf81a9b8675773c0a9 | |
parent | 7ca6ba037fe3055909d48635f69ddcfb1b0f0ad7 (diff) | |
download | perl-MDK-Common-b15661de47693aef78d96e2c9d67ae907e3ffed9.tar perl-MDK-Common-b15661de47693aef78d96e2c9d67ae907e3ffed9.tar.gz perl-MDK-Common-b15661de47693aef78d96e2c9d67ae907e3ffed9.tar.bz2 perl-MDK-Common-b15661de47693aef78d96e2c9d67ae907e3ffed9.tar.xz perl-MDK-Common-b15661de47693aef78d96e2c9d67ae907e3ffed9.zip |
(secured_output) introduce it
-rw-r--r-- | MDK/Common/File.pm | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/MDK/Common/File.pm b/MDK/Common/File.pm index 86fb98b..5df7b4f 100644 --- a/MDK/Common/File.pm +++ b/MDK/Common/File.pm @@ -38,6 +38,11 @@ array context it returns the lines creates a file and outputs the list (if the file exists, it is clobbered) +=item secured_output(FILENAME, LIST) + +likes output() but prevents insecured usage (it dies if somebody try +to exploit the race window between unlink() and creat()) + =item append_to_file(FILENAME, LIST) add the LIST at the end of the file @@ -136,6 +141,8 @@ sub output_with_perm { my ($f, $perm, @l) = @_; mkdir_p(dirname($f)); output($f, sub linkf { unlink $_[1]; link $_[0], $_[1] } sub symlinkf { unlink $_[1]; symlink $_[0], $_[1] } sub renamef { unlink $_[1]; rename $_[0], $_[1] } +use Fcntl; +sub secured_output { my $f = shift; unlink($f); sysopen(my $F, $f, O_CREAT|O_EXCL|O_RDWR) or die "secure output in file $f failed: $! $@\n"; print $F $_ foreach @_; 1 } sub mkdir_p { |