rpmio: Set a umask before using mkstemp()

This commit sets a restrictive umask before calling mkstemp(). This is because the permissions of files created by mkstemp() are not defined in POSIX. Old versions of glibc created files with mode 0666 which can be a security hole. Because the behavior is implementation-dependent, we set a umask.
author: Mukund Sivaraman <muks@banu.com> 2011-09-30 15:34:44 +0530
committer: Panu Matilainen <pmatilai@redhat.com> 2011-10-11 12:57:18 +0300
commit: 8d0da6e2eac44c8cbf7ed6b7e73f64fcf325c055 (patch)
tree: 476ccd03dfe8f821e244995b9a97d7b6bd2c74df /rpmio/rpmfileutil.c
parent: cc62aaa761e570b07125bac2c00450b07f4467a7 (diff)
download: rpm-8d0da6e2eac44c8cbf7ed6b7e73f64fcf325c055.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/rpmio/rpmfileutil.c b/rpmio/rpmfileutil.c
index 4031c18e1..7c229e67b 100644
--- a/rpmio/rpmfileutil.c
+++ b/rpmio/rpmfileutil.c
@@ -17,6 +17,8 @@
 #include <sys/mman.h>
 #endif
 
+#include <sys/types.h>
+#include <sys/stat.h>
 #include <sys/wait.h>
 #include <errno.h>
 #include <popt.h>
@@ -237,10 +239,14 @@ exit:
 
 FD_t rpmMkTemp(char *templ)
 {
+    mode_t mode;
     int sfd;
     FD_t tfd = NULL;
 
+    mode = umask(0077);
     sfd = mkstemp(templ);
+    umask(mode);
+
     if (sfd < 0) {
 	goto exit;
     }
author	Mukund Sivaraman <muks@banu.com>	2011-09-30 15:34:44 +0530
committer	Panu Matilainen <pmatilai@redhat.com>	2011-10-11 12:57:18 +0300
commit	8d0da6e2eac44c8cbf7ed6b7e73f64fcf325c055 (patch)
tree	476ccd03dfe8f821e244995b9a97d7b6bd2c74df /rpmio/rpmfileutil.c
parent	cc62aaa761e570b07125bac2c00450b07f4467a7 (diff)
download	rpm-8d0da6e2eac44c8cbf7ed6b7e73f64fcf325c055.tar.gz