Read-only file may be left in writable state #211

sds83uk · 2021-12-23T11:46:38Z

I added a comment to issue #167 to a few days ago, unfortunately a problem with my account meant that I couldn't highlight this further and the comment would not have been displayed on the issue at the time the "patch released" label was added and the issue closed.

I believe that when --fix is used a read-only file may be left writable if:

The file is locked by other process.
The file contains the CVE-2021-45105 vulnerability (requiring an upgrade)
The file is backed up (after setWritable) and later restored
The backup file cannot be truncated

NB: With release 2.5.0, similar edge cases may exist when attempting to --restore a read-only targetFile from a backup.

The text was updated successfully, but these errors were encountered:

xeraph · 2021-12-26T04:38:38Z

@sds83uk Would you test v2.6.2? 7427988

xeraph added the bug Something isn't working label Dec 23, 2021

xeraph self-assigned this Dec 23, 2021

xeraph added a commit that referenced this issue Dec 26, 2021

Fixed read-only file may be left in writable state. See #211

7427988

xeraph added the patch released label Dec 26, 2021

xeraph closed this as completed Dec 30, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Read-only file may be left in writable state #211

Read-only file may be left in writable state #211

sds83uk commented Dec 23, 2021

xeraph commented Dec 26, 2021

Read-only file may be left in writable state #211

Read-only file may be left in writable state #211

Comments

sds83uk commented Dec 23, 2021

xeraph commented Dec 26, 2021