From 09450bae84788f9645716e17006e222adf1dec7f Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Thu, 29 Dec 2011 12:44:31 -0800 Subject: [PATCH] emacs: fix an auto-save permissions race condition * fileio.c (auto_saving_dir_umask): New static var. (Fmake_directory_internal): Use it. (do_auto_save_make_dir): Set it, instead of invoking chmod after creating the directory. The old code temporarily assigns too-generous permissions to the directory. (do_auto_save_eh): Clear it. (Fdo_auto_save): Catch all errrors, not just file errors, so that the var is always cleared. --- src/ChangeLog | 12 ++++++++++++ src/fileio.c | 17 +++++++++++------ 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index f10e2955164..6c0185b7386 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,15 @@ +2011-12-29 Paul Eggert + + emacs: fix an auto-save permissions race condition + * fileio.c (auto_saving_dir_umask): New static var. + (Fmake_directory_internal): Use it. + (do_auto_save_make_dir): Set it, instead of invoking chmod after + creating the directory. The old code temporarily assigns + too-generous permissions to the directory. + (do_auto_save_eh): Clear it. + (Fdo_auto_save): Catch all errrors, not just file errors, so + that the var is always cleared. + 2011-12-28 Kenichi Handa * coding.c (Fdefine_coding_system_internal): Make an utf-8 base diff --git a/src/fileio.c b/src/fileio.c index 3306085491e..27ae8b82204 100644 --- a/src/fileio.c +++ b/src/fileio.c @@ -90,6 +90,9 @@ along with GNU Emacs. If not, see . */ /* Nonzero during writing of auto-save files */ static int auto_saving; +/* Nonzero umask during creation of auto-save directories */ +static int auto_saving_dir_umask; + /* Set by auto_save_1 to mode of original file so Fwrite_region will create a new file with the same mode as the original */ static int auto_save_mode_bits; @@ -2062,7 +2065,7 @@ DEFUN ("make-directory-internal", Fmake_directory_internal, #ifdef WINDOWSNT if (mkdir (dir) != 0) #else - if (mkdir (dir, 0777) != 0) + if (mkdir (dir, 0777 & ~auto_saving_dir_umask) != 0) #endif report_file_error ("Creating directory", list1 (directory)); @@ -5205,16 +5208,18 @@ do_auto_save_unwind_1 (Lisp_Object value) /* used as unwind-protect function */ static Lisp_Object do_auto_save_make_dir (Lisp_Object dir) { - Lisp_Object mode; + Lisp_Object result; - call2 (Qmake_directory, dir, Qt); - XSETFASTINT (mode, 0700); - return Fset_file_modes (dir, mode); + auto_saving_dir_umask = 077; + result = call2 (Qmake_directory, dir, Qt); + auto_saving_dir_umask = 0; + return result; } static Lisp_Object do_auto_save_eh (Lisp_Object ignore) { + auto_saving_dir_umask = 0; return Qnil; } @@ -5282,7 +5287,7 @@ A non-nil CURRENT-ONLY argument means save only current buffer. */) dir = Ffile_name_directory (listfile); if (NILP (Ffile_directory_p (dir))) internal_condition_case_1 (do_auto_save_make_dir, - dir, Fcons (Fcons (Qfile_error, Qnil), Qnil), + dir, Qt, do_auto_save_eh); UNGCPRO; } -- 2.39.2