From: Colin Walters <walters@debian.org>
Subject: Re: many packages write to `temporary-file-directory' insecurely
Date: 06 Mar 2002 02:35:26 -0500 [thread overview]
Message-ID: <1015400126.18074.0.camel@space-ghost> (raw)
In-Reply-To: <1015389617.25883.37.camel@space-ghost>
[-- Attachment #1: Type: text/plain, Size: 178 bytes --]
How about the following? One issue still to consider is whether or not
we should default to writing game state in ~/.emacs.d, or in
`temporary-file-directory'. Any opinions?
[-- Attachment #2: gamestate.patch --]
[-- Type: text/plain, Size: 7027 bytes --]
Index: src/filelock.c
===================================================================
RCS file: /cvsroot/emacs/emacs/src/filelock.c,v
retrieving revision 1.96
diff -u -r1.96 filelock.c
--- src/filelock.c 6 Feb 2002 15:44:28 -0000 1.96
+++ src/filelock.c 6 Mar 2002 07:34:59 -0000
@@ -762,6 +762,7 @@
{
DEFVAR_LISP ("temporary-file-directory", &Vtemporary_file_directory,
doc: /* The directory for writing temporary files. */);
+ /* We initialize this more intelligently later in startup.el */
Vtemporary_file_directory = Qnil;
defsubr (&Sunlock_buffer);
Index: src/callproc.c
===================================================================
RCS file: /cvsroot/emacs/emacs/src/callproc.c,v
retrieving revision 1.182
diff -u -r1.182 callproc.c
--- src/callproc.c 4 Mar 2002 23:41:00 -0000 1.182
+++ src/callproc.c 6 Mar 2002 07:35:00 -0000
@@ -104,7 +104,7 @@
#endif
Lisp_Object Vexec_path, Vexec_directory, Vexec_suffixes;
-Lisp_Object Vdata_directory, Vdoc_directory;
+Lisp_Object Vdata_directory, Vdoc_directory, Vgame_state_directory;
Lisp_Object Vconfigure_info_directory;
Lisp_Object Vtemp_file_name_pattern;
@@ -1534,6 +1534,9 @@
}
}
+ /* We initialize this more intelligently later in startup.el */
+ Vgame_state_directory = Qnil;
+
#ifndef CANNOT_DUMP
if (initialized)
#endif
@@ -1614,6 +1617,11 @@
DEFVAR_LISP ("data-directory", &Vdata_directory,
doc: /* Directory of machine-independent files that come with GNU Emacs.
These are files intended for Emacs to use while it runs. */);
+
+ DEFVAR_LISP ("game-state-directory", &Vgame_state_directory,
+ doc: /* Directory of high-score and other state files for games.
+Depending on your system setup, this may or may not default to a
+shared directory. */);
DEFVAR_LISP ("doc-directory", &Vdoc_directory,
doc: /* Directory containing the DOC file that comes with GNU Emacs.
Index: lisp/startup.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/startup.el,v
retrieving revision 1.290
diff -u -r1.290 startup.el
--- lisp/startup.el 6 Feb 2002 14:59:10 -0000 1.290
+++ lisp/startup.el 6 Mar 2002 07:35:01 -0000
@@ -653,6 +653,19 @@
(if (eq system-type 'ms-dos)
(getenv "TMPDIR")))
+ (unless game-state-directory
+ (setq game-state-directory
+ (let (ret
+ choice
+ (choices (list "/var/games/emacs" "/var/games"
+ temporary-file-directory)))
+ (while (and (not ret) (setq choice (car choices)))
+ (when (and (eq (car (file-attributes choice)) t)
+ (file-writable-p choice))
+ (setq ret choice))
+ (setq choices (cdr choices)))
+ ret)))
+
;; See if we should import version-control from the environment variable.
(let ((vc (getenv "VERSION_CONTROL")))
(cond ((eq vc nil)) ;don't do anything if not set
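Review bot: The last entry of `choices` is `temporary-file-directory`, so on a system with no writable /var/games/emacs or /var/games the score files land under fixed names in a world-writable directory, which is the situation this thread set out to fix. A per-user directory is the safer last resort; the cover message already floats ~/.emacs.d, e.g. `(expand-file-name "~/.emacs.d")` in place of that entry. Note also that `file-writable-p` cannot tell a games directory writable by a dedicated group from one writable by everyone, so a comment stating the expected ownership and mode of /var/games/emacs would help packagers. If no candidate qualifies, `ret` stays nil and `game-state-directory` remains nil, in which case the `expand-file-name` call in gamegrid-add-score presumably falls back to `default-directory`. The enclosing form starts outside this hunk.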
Index: lisp/play/gamegrid.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/play/gamegrid.el,v
retrieving revision 1.5
diff -u -r1.5 gamegrid.el
--- lisp/play/gamegrid.el 3 Mar 2002 14:13:53 -0000 1.5
+++ lisp/play/gamegrid.el 6 Mar 2002 07:35:02 -0000
@@ -404,27 +404,39 @@
;; ;;;;;;;;;;;;;;; high score functions ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-(defun gamegrid-add-score (file score)
- "Add the current score to the high score file."
+(defun gamegrid-add-score (filename score &optional directory)
+ "Add SCORE to the high score file named FILENAME.
+If DIRECTORY is non-nil, then place the high-score file in that
+directory. Otherwise, place the high score file in
+`game-state-directory'.
+Note that there is no attempt made to guarantee that all scores will
+be written to the score file if multiple Emacs users are writing to
+the score file using this function at the same time."
(save-excursion
- (find-file-other-window file)
- (setq buffer-read-only nil)
- (goto-char (point-max))
- (insert (format "%05d\t%s\t%s <%s>\n"
- score
- (current-time-string)
- (user-full-name)
- (cond ((fboundp 'user-mail-address)
- (user-mail-address))
- ((boundp 'user-mail-address)
- user-mail-address)
- (t ""))))
- (sort-numeric-fields 1 (point-min) (point-max))
- (reverse-region (point-min) (point-max))
- (goto-line (1+ gamegrid-score-file-length))
- (delete-region (point) (point-max))
- (setq buffer-read-only t)
- (save-buffer)))
+ (let* (buf
+ (file (expand-file-name filename (or directory game-state-directory)))
+ (tempfile (make-temp-file file)))
+ (while (setq buf (find-buffer-visiting file))
+ (kill-buffer buf))
+ (with-temp-file tempfile
+ (when (file-exists-p file)
+ (insert-file-contents file nil nil nil t))
+ (goto-char (point-max))
+ (insert (format "%05d\t%s\t%s <%s>\n"
+ score
+ (current-time-string)
+ (user-full-name)
+ (cond ((fboundp 'user-mail-address)
+ (user-mail-address))
+ ((boundp 'user-mail-address)
+ user-mail-address)
+ (t ""))))
+ (sort-numeric-fields 1 (point-min) (point-max))
+ (reverse-region (point-min) (point-max))
+ (goto-line (1+ gamegrid-score-file-length))
+ (delete-region (point) (point-max)))
+ (rename-file tempfile file t)
+ (find-file-other-window file))))
;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
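Review bot: The score file is read with `insert-file-contents` and then visited with `find-file-other-window`, yet when `game-state-directory` is writable by other users its content is theirs to choose, and visiting it would presumably process any file-local variables it carries. Binding the variable around the visit, `(let ((enable-local-variables nil)) (find-file-other-window file))`, keeps the buffer a plain display of the scores. Separately, if anything between `make-temp-file` and `rename-file` signals an error, the temp file is left behind in the score directory; wrapping the body in `unwind-protect` with a guarded `delete-file` would clean it up. It is also worth confirming which mode `make-temp-file` gives the file, because after `rename-file` that mode becomes the score file's, and an owner-only file would defeat a shared score directory.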
Index: lisp/play/snake.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/play/snake.el,v
retrieving revision 1.8
diff -u -r1.8 snake.el
--- lisp/play/snake.el 3 Mar 2002 16:09:28 -0000 1.8
+++ lisp/play/snake.el 6 Mar 2002 07:35:02 -0000
@@ -82,10 +82,7 @@
(defvar snake-score-y snake-height
"Y position of score.")
-;; It is not safe to put this in /tmp.
-;; Someone could make a symlink in /tmp
-;; pointing to a file you don't want to clobber.
-(defvar snake-score-file "~/.snake-scores"
+(defvar snake-score-file "snake-scores"
"File for holding high scores.")
;; ;;;;;;;;;;;;; display options ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
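Review bot: The removed comment was the only place that explained why the score file must not live in /tmp, and with the bare default `"snake-scores"` the location now depends entirely on `game-state-directory`, which the startup.el hunk can set to `temporary-file-directory`. Assuming this value is what gets passed to gamegrid-add-score, the docstring should state the new contract, e.g. `"Name of the high-score file; a relative name is expanded in `game-state-directory'."`. The same applies to `tetris-score-file` in lisp/play/tetris.el. Scores already stored in ~/.snake-scores and ~/.tetris-scores are no longer found under the new defaults, which deserves a line in the change notes.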
Index: lisp/play/tetris.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/play/tetris.el,v
retrieving revision 1.7
diff -u -r1.7 tetris.el
--- lisp/play/tetris.el 3 Mar 2002 16:09:28 -0000 1.7
+++ lisp/play/tetris.el 6 Mar 2002 07:35:02 -0000
@@ -150,10 +150,7 @@
(defvar tetris-score-y (+ tetris-next-y 6)
"Y position of score.")
-;; It is not safe to put this in /tmp.
-;; Someone could make a symlink in /tmp
-;; pointing to a file you don't want to clobber.
-(defvar tetris-score-file "~/.tetris-scores"
+(defvar tetris-score-file "tetris-scores"
;; anybody with a well-connected server want to host this?
;(defvar tetris-score-file "/anonymous@ftp.pgt.com:/pub/cgw/tetris-scores"
"File for holding high scores.")