From b347167a8d1e8a8d2eb0e5becc6119f7767adf81 Mon Sep 17 00:00:00 2001 From: dtucker Date: Sat, 14 Aug 2004 13:55:37 +0000 Subject: [PATCH] - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c] Explicitly set umask for mkstemp; ok djm@ --- ChangeLog | 4 ++++ auth-krb5.c | 6 +++++- gss-serv-krb5.c | 6 +++++- openbsd-compat/xmmap.c | 3 +++ 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 754e535c..c83a8ca6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20040814 + - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c] + Explicitly set umask for mkstemp; ok djm@ + 20040813 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at redhat.com diff --git a/auth-krb5.c b/auth-krb5.c index a728ebac..a324ff15 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -69,6 +69,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) krb5_principal server; char ccname[40]; int tmpfd; + mode_t old_umask; #endif krb5_error_code problem; krb5_ccache ccache = NULL; @@ -147,7 +148,10 @@ auth_krb5_password(Authctxt *authctxt, const char *password) snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); + umask(old_umask); + if (tmpfd == -1) { logit("mkstemp(): %.100s", strerror(errno)); problem = errno; goto out; diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 6bd5830f..91d87f79 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -134,11 +134,15 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) { int tmpfd; char ccname[40]; + mode_t old_umask; snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); - if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); + umask(old_umask); + if (tmpfd == -1) { logit("mkstemp(): %.100s", strerror(errno)); problem = errno; return; diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c index 07902db8..d136a344 100644 --- a/openbsd-compat/xmmap.c +++ b/openbsd-compat/xmmap.c @@ -50,8 +50,11 @@ void *xmmap(size_t size) if (address == MAP_FAILED) { char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; int tmpfd; + mode_t old_umask; + old_umask = umask(0177); tmpfd = mkstemp(tmpname); + umask(old_umask); if (tmpfd == -1) fatal("mkstemp(\"%s\"): %s", MM_SWAP_TEMPLATE, strerror(errno)); -- 2.45.2