Fix incorrect permissions for /etc/hosts

If we modify /etc/hosts, we read/copy the ownership and permissions from the existing /etc/hosts before we make our new temporary file which will eventually overwrite /etc/hosts. If we fail to retrieve the permissions of the existing /etc/hosts file, we made the temporary file owned by root 0o600 permissions. It should have 0o644 permissions so that /etc/hosts has the correct permissions once we rename it. It is unlikely many encoutered this bug since most machines have /etc/hosts prior to sshuttle running and we should be able to read the permission/ownership of that existing file.
author: Scott Kuhl <kuhl@mtu.edu> 2022-06-24 11:02:40 -0400
committer: Brian May <brian@linuxpenguins.xyz> 2022-06-26 09:36:13 +1000
commit: df987902069c14392db3a502b398ef4b46cb021f (patch)
tree: adb5a8bec09fca4acde311329dcbc555cbd632a9
parent: f9a9dad9fffb7a7d6c0e38c98259ec663a29e96f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/sshuttle/firewall.py b/sshuttle/firewall.py
index 0e060e2..b184d9b 100644
--- a/sshuttle/firewall.py
+++ b/sshuttle/firewall.py
@@ -51,7 +51,7 @@ def rewrite_etc_hosts(hostmap, port):
         os.chmod(tmpname, st.st_mode)
     else:
         os.chown(tmpname, 0, 0)
-        os.chmod(tmpname, 0o600)
+        os.chmod(tmpname, 0o644)
     try:
         os.rename(tmpname, HOSTSFILE)
     except OSError:
author	Scott Kuhl <kuhl@mtu.edu>	2022-06-24 11:02:40 -0400
committer	Brian May <brian@linuxpenguins.xyz>	2022-06-26 09:36:13 +1000
commit	df987902069c14392db3a502b398ef4b46cb021f (patch)
tree	adb5a8bec09fca4acde311329dcbc555cbd632a9
parent	f9a9dad9fffb7a7d6c0e38c98259ec663a29e96f (diff)