diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-08-14 23:55:37 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-08-14 23:55:37 +1000 |
| commit | 066969339dcd0352965de0ab1b5f693cf2a7fee8 (patch) | |
| tree | df36cda53b0cb0050084516295cd1529e48f01ef | |
| parent | a763105c0f6e4d58f2e477597d1cf5ca5317b1a1 (diff) | |
- (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c]
Explicitly set umask for mkstemp; ok djm@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth-krb5.c | 6 | ||||
| -rw-r--r-- | gss-serv-krb5.c | 6 | ||||
| -rw-r--r-- | openbsd-compat/xmmap.c | 5 |
4 files changed, 19 insertions, 4 deletions
@@ -1,3 +1,7 @@ +20040814 + - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c] + Explicitly set umask for mkstemp; ok djm@ + 20040813 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at redhat.com @@ -1622,4 +1626,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3505 2004/08/13 11:30:24 dtucker Exp $ +$Id: ChangeLog,v 1.3506 2004/08/14 13:55:37 dtucker Exp $ diff --git a/auth-krb5.c b/auth-krb5.c index a728ebac..a324ff15 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -69,6 +69,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) krb5_principal server; char ccname[40]; int tmpfd; + mode_t old_umask; #endif krb5_error_code problem; krb5_ccache ccache = NULL; @@ -147,7 +148,10 @@ auth_krb5_password(Authctxt *authctxt, const char *password) snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); + umask(old_umask); + if (tmpfd == -1) { logit("mkstemp(): %.100s", strerror(errno)); problem = errno; goto out; diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 6bd5830f..91d87f79 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -134,11 +134,15 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) { int tmpfd; char ccname[40]; + mode_t old_umask; snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); - if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); + umask(old_umask); + if (tmpfd == -1) { logit("mkstemp(): %.100s", strerror(errno)); problem = errno; return; diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c index f1a637a3..c8d59dee 100644 --- a/openbsd-compat/xmmap.c +++ b/openbsd-compat/xmmap.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: xmmap.c,v 1.4 2004/05/13 06:39:34 dtucker Exp $ */ +/* $Id: xmmap.c,v 1.5 2004/08/14 13:55:38 dtucker Exp $ */ #include "includes.h" @@ -50,8 +50,11 @@ void *xmmap(size_t size) if (address == MAP_FAILED) { char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; int tmpfd; + mode_t old_umask; + old_umask = umask(0177); tmpfd = mkstemp(tmpname); + umask(old_umask); if (tmpfd == -1) fatal("mkstemp(\"%s\"): %s", MM_SWAP_TEMPLATE, strerror(errno)); |