View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000331 | 1003.1(2008)/Issue 7 | System Interfaces | public | 2010-10-11 22:23 | 2011-09-22 16:25 |
| Reporter | dwheeler | Assigned To | ajosey | ||
| Priority | normal | Severity | Objection | Type | Enhancement Request |
| Status | Closed | Resolution | Duplicate | ||
| Name | David A. Wheeler | ||||
| Organization | |||||
| User Reference | |||||
| Section | XSH - fopen, freopen, and fdopen | ||||
| Page Number | 820-926 | ||||
| Line Number | 27373-31021 | ||||
| Interp Status | --- | ||||
| Final Accepted Text | |||||
| Summary | 0000331: Add 'x' mode to fopen and freopen to force O_EXCL (and declare that fdopen ignores 'x') | ||||
| Description | Some security vulnerabilities can be countered by exclusively opening a file using, e.g., open's O_EXCL flag (e.g., see the discussion on CWE-377, Insecure Temporary File). Unfortunately, fopen and freopen don't provide a standard flag for accessing this. Making it easier to invoke this would make it easier to avoid certain security vulnerabilities. GNU/Linux *does* provide such a flag, 'x', for fopen and freopen. This proposal recommends making it a standard flag. Per its man page, the flag 'x' in a mode has this meaning: x Open the file exclusively (like the O_EXCL flag of open(2)). If the file already exists, fopen() fails, and sets errno to EEX- IST. This flag is ignored for fdopen(). | ||||
| Desired Action | In fopen, after line 29134: If the flag 'x' is included in the mode and after the first character, open the file exclusively, just as if including the O_EXCL | O_CREAT flags of open(2). If the file already exists, fail and set errno to EEXIST. In freopen, after line 30889: If the flag 'x' is included in the mode and after the first character, attempt to open the file exclusively, just as if including the O_EXCL | O_CREAT flags of open(2). If the file already exists, fail and set errno to EEXIST. In fdopen, after line 27388: If the flag 'x' is included in the mode, it is ignored. | ||||
| Tags | c99 | ||||
|
|
Please note that the C committee is considering a similar change (they require that the 'x' character be the last character in the mode string). We should wait till that standard is complete and align with their change. For a current working draft of the C revision, see http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1516.pdf |
|
|
The committee draft ballot for the C1x standard is due to start within the next 2-3 weeks. The 'x' character for fopen is regarded as non-controversial. |
|
|
Closing as duplicate of 0000411 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2010-10-11 22:23 | dwheeler | New Issue | |
| 2010-10-11 22:23 | dwheeler | Status | New => Under Review |
| 2010-10-11 22:23 | dwheeler | Assigned To | => ajosey |
| 2010-10-11 22:23 | dwheeler | Name | => David A. Wheeler |
| 2010-10-11 22:23 | dwheeler | Section | => XSH - fopen, freopen, and fdopen |
| 2010-10-11 22:23 | dwheeler | Page Number | => 820-926 |
| 2010-10-11 22:23 | dwheeler | Line Number | => 27373-31021 |
| 2010-10-28 16:12 | nick | Tag Attached: c99 | |
| 2010-10-28 16:14 | nick | Note Added: 0000592 | |
| 2010-11-05 15:11 | nick | Note Added: 0000610 | |
| 2011-09-22 16:21 | eblake | Relationship added | related to 0000411 |
| 2011-09-22 16:22 | nick | Relationship replaced | duplicate of 0000411 |
| 2011-09-22 16:23 | nick | Interp Status | => --- |
| 2011-09-22 16:23 | nick | Note Added: 0000972 | |
| 2011-09-22 16:23 | nick | Status | Under Review => Resolved |
| 2011-09-22 16:23 | nick | Resolution | Open => Duplicate |
| 2011-09-22 16:24 | nick | Note Edited: 0000972 | |
| 2011-09-22 16:25 | nick | Status | Resolved => Closed |
