summaryrefslogtreecommitdiff
path: root/perl.c
diff options
context:
space:
mode:
authorNiko Tyni <ntyni@debian.org>2016-01-21 18:17:32 +0200
committerJarkko Hietaniemi <jhi@iki.fi>2016-01-29 17:22:15 -0500
commite57270be442bfaa9dc23eebd67485e5a806b44e3 (patch)
tree2b00716bb522ebe4f3e6175133ea5eab025868f6 /perl.c
parentdcf88e3433dcd5bc25811f9769e82d04c61a1d5a (diff)
downloadperl-e57270be442bfaa9dc23eebd67485e5a806b44e3.tar.gz
Fix umask for mkstemp(3) calls
With commit v5.21.0-67-g60f7fc1, perl started setting umask to 0600 before calling mkstemp(3), and then restoring it afterwards. This is wrong as it tells open(2) to strip the owner read and write bits from the given mode before applying it, rather than the intended negation of leaving only those bits in place. On modern systems which call open(2) with mode 0600 in mkstemp(3), this clears all the created temporary file permissions. However, any systems that use mode 0666 in mkstemp(3) (like ancient versions of glibc) now create a file with permissions 0066, leaving world read and write permission regardless of current umask. Using umask 0177 instead fixes this. Bug: https://rt.perl.org/Ticket/Display.html?id=127322
Diffstat (limited to 'perl.c')
-rw-r--r--perl.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/perl.c b/perl.c
index c7c1fe62c1..1d94b38777 100644
--- a/perl.c
+++ b/perl.c
@@ -3785,7 +3785,7 @@ S_open_script(pTHX_ const char *scriptname, bool dosearch, bool *suidscript)
const char * const err = "Failed to create a fake bit bucket";
if (strEQ(scriptname, BIT_BUCKET)) {
#ifdef HAS_MKSTEMP /* Hopefully mkstemp() is safe here. */
- int old_umask = umask(0600);
+ int old_umask = umask(0177);
int tmpfd = mkstemp(tmpname);
umask(old_umask);
if (tmpfd > -1) {