Date: 28 Jun 1999 18:28:24 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Pierre Beyssac <pb@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/vipw pw_util.c vipw.c Message-ID: <xzpogi01e8n.fsf@flood.ping.uio.no> In-Reply-To: Pierre Beyssac's message of "Sat, 26 Jun 1999 05:15:45 -0700 (PDT)" References: <199906261215.FAA18022@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Pierre Beyssac <pb@FreeBSD.org> writes:
> Log:
> Force umask to 077 (instead of 000) during the edit phase, to get
> secure permissions in case the user attempts to save something to
> a file of his own.
Wrong fix. The correct fix is to save and restore the original umask.
See attached patch.
DES
--
Dag-Erling Smorgrav - des@flood.ping.uio.no
Index: vipw.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/vipw/vipw.c,v
retrieving revision 1.8
diff -u -r1.8 vipw.c
--- vipw.c 1999/06/26 12:15:39 1.8
+++ vipw.c 1999/06/28 16:27:50
@@ -72,6 +72,7 @@
int pfd, tfd;
struct stat begin, end;
int ch;
+ mode_t um;
while ((ch = getopt(argc, argv, "d:")) != -1)
switch (ch) {
@@ -101,13 +102,13 @@
pw_init();
/* Create with exact permissions. */
- (void)umask(0);
+ um = umask(0);
pfd = pw_lock();
tfd = pw_tmp();
copyfile(pfd, tfd);
(void)close(tfd);
/* Force umask for partial writes made in the edit phase */
- (void)umask(077);
+ (void)umask(um);
for (;;) {
if (stat(tempname, &begin))
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpogi01e8n.fsf>