diff options
author | Scott Kuhl <kuhl@mtu.edu> | 2022-06-24 11:02:40 -0400 |
---|---|---|
committer | Brian May <brian@linuxpenguins.xyz> | 2022-06-26 09:36:13 +1000 |
commit | df987902069c14392db3a502b398ef4b46cb021f (patch) | |
tree | adb5a8bec09fca4acde311329dcbc555cbd632a9 | |
parent | f9a9dad9fffb7a7d6c0e38c98259ec663a29e96f (diff) |
Fix incorrect permissions for /etc/hosts
If we modify /etc/hosts, we read/copy the ownership and permissions
from the existing /etc/hosts before we make our new temporary file
which will eventually overwrite /etc/hosts. If we fail to retrieve the
permissions of the existing /etc/hosts file, we made the temporary
file owned by root 0o600 permissions. It should have 0o644 permissions
so that /etc/hosts has the correct permissions once we rename it.
It is unlikely many encoutered this bug since most machines have
/etc/hosts prior to sshuttle running and we should be able to read the
permission/ownership of that existing file.
-rw-r--r-- | sshuttle/firewall.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sshuttle/firewall.py b/sshuttle/firewall.py index 0e060e2..b184d9b 100644 --- a/sshuttle/firewall.py +++ b/sshuttle/firewall.py @@ -51,7 +51,7 @@ def rewrite_etc_hosts(hostmap, port): os.chmod(tmpname, st.st_mode) else: os.chown(tmpname, 0, 0) - os.chmod(tmpname, 0o600) + os.chmod(tmpname, 0o644) try: os.rename(tmpname, HOSTSFILE) except OSError: |