From owner-cvs-usrbin  Mon Jul  1 01:06:19 1996
Return-Path: owner-cvs-usrbin
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id BAA08565
          for cvs-usrbin-outgoing; Mon, 1 Jul 1996 01:06:19 -0700 (PDT)
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA07123;
          Mon, 1 Jul 1996 00:53:17 -0700 (PDT)
Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id JAA17615; Mon, 1 Jul 1996 09:53:03 +0200
Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id JAA10858; Mon, 1 Jul 1996 09:53:02 +0200
Received: (from j@localhost) by uriah.heep.sax.de (8.7.5/8.6.9) id JAA09785; Mon, 1 Jul 1996 09:02:42 +0200 (MET DST)
From: J Wunsch <j@uriah.heep.sax.de>
Message-Id: <199607010702.JAA09785@uriah.heep.sax.de>
Subject: Re: cvs commit:  src/usr.bin/ktrace ktrace.c
To: rgrimes@gndrsh.aac.dev.com (Rodney W. Grimes)
Date: Mon, 1 Jul 1996 09:02:42 +0200 (MET DST)
Cc: joerg@freefall.freebsd.org, CVS-committers@freefall.freebsd.org,
        cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org
In-Reply-To: <199606301515.IAA19104@GndRsh.aac.dev.com> from "Rodney W. Grimes" at "Jun 30, 96 08:15:15 am"
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E 
X-Mailer: ELM [version 2.4ME+ PL17 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-usrbin@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

As Rodney W. Grimes wrote:

> >   Do always create ktrace.out with mode 0600, to prevent it from
> >   accidentally compromising information confidential to the user running
> >   ktrace.
> >   
> >   Revision  Changes    Path
> >   1.5       +4 -1      src/usr.bin/ktrace/ktrace.c
> 
> Ahh... there is already a command to protect the user from such foolishness,
> the statement above could be applied to _any_ command.
> 
> umask 077 if you are working with sensitive data.

That's exactly what i'm doing.  Anyway, there's no need that
ktrace.out is readable by anyone else.  It's about in the same
category as core files, and those are also being created as 0600.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)