07: efreet: Set umask before creating temp file

Gustavo Sverzut Barbieri Mon, 14 Oct 2013 08:44:31 -0700

1 - we have eina_file_mkstemp(), use it.

2 - eina_file_mkstemp() does not enforce any of umask(), should it?


On Mon, Oct 14, 2013 at 8:23 AM, Sebastian Dransfeld
<sebastian.dransf...@sintef.no> wrote:
> englebass pushed a commit to branch master.
>
> http://git.enlightenment.org/core/efl.git/commit/?id=67a8feeb08e9dd6e58a1fb148a826e781ca5260d
>
> commit 67a8feeb08e9dd6e58a1fb148a826e781ca5260d
> Author: Sebastian Dransfeld <sebastian.dransf...@sintef.no>
> Date:   Mon Oct 14 13:19:59 2013 +0200
>
>     efreet: Set umask before creating temp file
>
>     CID 1039616
> ---
>  src/bin/efreet/efreet_desktop_cache_create.c | 7 +++++++
>  1 file changed, 7 insertions(+)
>
> diff --git a/src/bin/efreet/efreet_desktop_cache_create.c 
> b/src/bin/efreet/efreet_desktop_cache_create.c
> index 577091f..2fc6e91 100644
> --- a/src/bin/efreet/efreet_desktop_cache_create.c
> +++ b/src/bin/efreet/efreet_desktop_cache_create.c
> @@ -225,6 +225,7 @@ main(int argc, char **argv)
>      int i;
>      char file[PATH_MAX] = { '\0' };
>      char util_file[PATH_MAX] = { '\0' };
> +    mode_t um;
>
>      if (!eina_init()) goto eina_error;
>      _efreet_desktop_cache_log_dom =
> @@ -296,14 +297,20 @@ main(int argc, char **argv)
>
>      /* create cache */
>      snprintf(file, sizeof(file), "%s.XXXXXX", efreet_desktop_cache_file());
> +    /* set secure umask for temporary files */
> +    um = umask(0077);
>      tmpfd = mkstemp(file);
> +    umask(um);
>      if (tmpfd < 0) goto error;
>      close(tmpfd);
>      ef = eet_open(file, EET_FILE_MODE_READ_WRITE);
>      if (!ef) goto error;
>
>      snprintf(util_file, sizeof(util_file), "%s.XXXXXX", 
> efreet_desktop_util_cache_file());
> +    /* set secure umask for temporary files */
> +    um = umask(0077);
>      tmpfd = mkstemp(util_file);
> +    umask(um);
>      if (tmpfd < 0) goto error;
>      close(tmpfd);
>      util_ef = eet_open(util_file, EET_FILE_MODE_READ_WRITE);
>
> --
>
>



-- 
Gustavo Sverzut Barbieri
--------------------------------------
Mobile: +55 (19) 9225-2202
Contact: http://www.gustavobarbieri.com.br/contact

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel

Re: [E-devel] [EGIT] [core/efl] master 04/07: efreet: Set umask before creating temp file

Reply via email to