oss-sec mailing list archives
Re: uutils coreutils CVEs
From: Collin Funk <collin.funk1 () gmail com>
Date: Sat, 02 May 2026 14:13:57 -0700
Jan wrote:
> Collin Funk <collin.funk1 () il com> wrote:
> > We can see that uutils 'mkfifo' creates the fifo with world readable and
> > writable permissions and then uses chmod()
> >
> >     umask(000) = 002
> >     umask(002) = 000
> >     mknodat(AT_FDCWD, "/tmp/fifo", S_IFIFO|0666) = 0
>
> Minor difference, and not disputing the race condition here, but doesn't
> this initially yield a fifo with mode 664, not 666 due to the umask(002)
> right before? Ie., not _world_ writable (although _group_ writable), even
> prior to chmod(2).
Yes, I should have probably adjusted my example:
$ mkfifo --version
mkfifo (uutils coreutils) 0.8.0
$ (umask 0; strace mkfifo -m 700 /tmp/fifo)
[...]
umask(000) = 000
umask(000) = 000
mknodat(AT_FDCWD, "/tmp/fifo", S_IFIFO|0666) = 0
chmod("/tmp/fifo", 0700)
Thanks,
Collin
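
The two creation patterns discussed in this message, as an added example that is not part of the original post and is not code from either coreutils project: it runs both under umask 0 and reports the first mode the FIFO is visible with. The function names and the /tmp/fifo-demo-XXXXXX directory are assumptions made for the example.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of path, or (mode_t)-1 on error. */
static mode_t perm_bits(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (st.st_mode & 07777) : (mode_t)-1;
}

/* Pattern from the strace: create with 0666, then chmod to the requested
 * mode. *window receives the mode visible between the two calls. */
static int fifo_then_chmod(const char *path, mode_t want, mode_t *window) {
    if (mknod(path, S_IFIFO | 0666, 0) != 0) return -1;
    *window = perm_bits(path);
    return chmod(path, want);
}

/* Race-free form: the node is created with the requested mode directly.
 * umask is cleared so "want" is applied exactly, then restored. */
static int fifo_atomic(const char *path, mode_t want, mode_t *window) {
    mode_t old = umask(0);
    int rc = mkfifo(path, want);
    umask(old);
    if (rc == 0) *window = perm_bits(path);
    return rc;
}

/* Runs one variant in a private directory under umask 0 (as in the session
 * above); returns the first mode the FIFO was visible with. */
static mode_t first_visible_mode(int atomic, mode_t want, mode_t *final) {
    char dir[] = "/tmp/fifo-demo-XXXXXX", path[64]; /* constructed path */
    mode_t window = (mode_t)-1, old;
    if (!mkdtemp(dir)) return (mode_t)-1;
    snprintf(path, sizeof path, "%s/fifo", dir);
    old = umask(0);
    if ((atomic ? fifo_atomic : fifo_then_chmod)(path, want, &window) != 0)
        window = (mode_t)-1;
    umask(old);
    *final = perm_bits(path);
    unlink(path);
    rmdir(dir);
    return window;
}

int main(void) {
    mode_t f, w = first_visible_mode(0, 0700, &f);
    printf("mknod+chmod : %04o then %04o\n", (unsigned)w, (unsigned)f);
    w = first_visible_mode(1, 0700, &f);
    printf("mkfifo(mode): %04o then %04o\n", (unsigned)w, (unsigned)f);
}
```

Both variants end at 0700; only the first one exposes the FIFO with 0666 before the chmod() lands.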
