- (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c]

Explicitly set umask for mkstemp; ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2004-08-14 23:55:37 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2004-08-14 23:55:37 +1000
commit: 066969339dcd0352965de0ab1b5f693cf2a7fee8 (patch)
tree: df36cda53b0cb0050084516295cd1529e48f01ef /auth-krb5.c
parent: a763105c0f6e4d58f2e477597d1cf5ca5317b1a1 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/auth-krb5.c b/auth-krb5.c
index a728ebac..a324ff15 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -69,6 +69,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
 	krb5_principal server;
 	char ccname[40];
 	int tmpfd;
+	mode_t old_umask;
 #endif
 	krb5_error_code problem;
 	krb5_ccache ccache = NULL;
@@ -147,7 +148,10 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
 
 	snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
 
-	if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
+	old_umask = umask(0177);
+	tmpfd = mkstemp(ccname + strlen("FILE:"));
+	umask(old_umask);
+	if (tmpfd == -1) {
 		logit("mkstemp(): %.100s", strerror(errno));
 		problem = errno;
 		goto out;
author	Darren Tucker <dtucker@zip.com.au>	2004-08-14 23:55:37 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2004-08-14 23:55:37 +1000
commit	066969339dcd0352965de0ab1b5f693cf2a7fee8 (patch)
tree	df36cda53b0cb0050084516295cd1529e48f01ef /auth-krb5.c
parent	a763105c0f6e4d58f2e477597d1cf5ca5317b1a1 (diff)