CVSROOT: /cvs Module name: src Changes by: bl...@cvs.openbsd.org 2015/10/15 13:30:03
Modified files:
usr.bin/x99token: x99token.c
Log message:
Avoid a race between fopen(3) and fchmod(2). Use umask(2) and
unlink(2) and fopen(3) to prevent an attacker to open an old file
with wrong permissions before the secret is written into it. This
also guarantees that a new file with correct permissions is created.
Without fchmod(2) "fattr" can be removed from pledge.
with and OK deraadt@
