> The obviously correct way to do that is to simply change the permissions of the file.
Obvious, but incorrect. As pointed out elsewhere, the permission check is done when a process opens a file, not when it performs read/write operations. So, an attacker could get a legitimate file, open in for writes, trigger the zoom update on it, zoom would then change the permissions to prevent writes, and then the attacker could modify the file using its already-open file handle.
Obvious, but incorrect. As pointed out elsewhere, the permission check is done when a process opens a file, not when it performs read/write operations. So, an attacker could get a legitimate file, open in for writes, trigger the zoom update on it, zoom would then change the permissions to prevent writes, and then the attacker could modify the file using its already-open file handle.