- (bal) Avoid socket file security issues in ssh-agent for Cygwin.

   Patch by Egor Duda <deo@logos-m.ru>

2 files changed, 15 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index a5bb2667..6636537a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 20010504
  - (bal) Updated Cygwin README by Corinna Vinschen <vinschen@redhat.com>
+ - (bal) Avoid socket file security issues in ssh-agent for Cygwin.
+   Patch by Egor Duda <deo@logos-m.ru>
 
 20010430
  - (djm) Add .cvsignore files, suggested by Wayne Davison <wayne@blorf.net>
@@ -5280,4 +5282,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1179.2.7 2001/05/03 22:48:03 mouring Exp $
+$Id: ChangeLog,v 1.1179.2.8 2001/05/03 23:00:39 mouring Exp $
diff --git a/ssh-agent.c b/ssh-agent.c
index e8362ded..07dafaa5 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -714,6 +714,9 @@ main(int ac, char **av)
 #ifdef HAVE_SETRLIMIT
 	struct rlimit rlim;
 #endif
+#ifdef HAVE_CYGWIN
+	int prev_mask;
+#endif
 	pid_t pid;
 	char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
 	extern int optind;
@@ -805,10 +808,19 @@ main(int ac, char **av)
 	memset(&sunaddr, 0, sizeof(sunaddr));
 	sunaddr.sun_family = AF_UNIX;
 	strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path));
+#ifdef HAVE_CYGWIN
+	prev_mask = umask(0177);
+#endif
 	if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) {
 		perror("bind");
+#ifdef HAVE_CYGWIN
+		umask(prev_mask);
+#endif
 		cleanup_exit(1);
 	}
+#ifdef HAVE_CYGWIN
+	umask(prev_mask);
+#endif
 	if (listen(sock, 5) < 0) {
 		perror("listen");
 		cleanup_exit(1);