3843b28 TOOLS: Use file descriptor to avoid races when creating a home directory

Authored and Committed by jhrozek 6 years ago
    TOOLS: Use file descriptor to avoid races when creating a home directory
    
    When creating a home directory, the destination tree can be modified in
    various ways while it is being constructed because directory permissions
    are set before populating the directory. This can lead to file creation
    and permission changes outside the target directory tree, using hard links.
    
    This security problem was assigned CVE-2013-0219
    
    https://fedorahosted.org/sssd/ticket/1782
    
        
file modified
+3 -3
file modified
+358 -321
file modified
+1 -27
file modified
+2 -3