In newer glibc's (versions > 2.06) reasonably secure permissions of
0600 are used when creating a temporary file with mkstemp(). But for
older glibc's (versions <= 2.06) 0666 is used which is not secure.
To ensure that the temporary files created always have reasonably
secure permissions, add a call to umask() that ensures we always set
at most 0600 on the temporary file (and then restore the umask again
so we don't interfere with anything that hapens further on).
Signed-off-by: Jesper Juhl <j...@chaosbits.net>
---
scripts/unifdef.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/scripts/unifdef.c b/scripts/unifdef.c
index 7493c0e..f9188fb 100644
--- a/scripts/unifdef.c
+++ b/scripts/unifdef.c
@@ -342,9 +342,10 @@ main(int argc, char *argv[])
"%.*s/" TEMPLATE,
(int)(dirsep - ofilename), ofilename);
else
- snprintf(tempname, sizeof(tempname),
- TEMPLATE);
+ snprintf(tempname, sizeof(tempname), TEMPLATE);
+ mode_t mask = umask(S_IXUSR | S_IRWXG | S_IRWXO);
ofd = mkstemp(tempname);
+ umask(mask);
if (ofd != -1)
output = fdopen(ofd, "wb+");
if (output == NULL)
--
1.7.11.4
--
Jesper Juhl <j...@chaosbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
