diff options
author | Todd C. Miller <Todd.Miller@sudo.ws> | 2021-04-23 18:58:55 -0600 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@sudo.ws> | 2021-04-23 18:58:55 -0600 |
commit | 2402f3ee5ea2c805e839bb8e5f09f2cbb6392e86 (patch) | |
tree | 15e7dc936fd494ef1e2e6a66baf94ab36a2e660c /logsrvd/logsrvd.c | |
parent | 100b584588cc3c416583b794f7d643979768225e (diff) | |
download | sudo-2402f3ee5ea2c805e839bb8e5f09f2cbb6392e86.tar.gz |
Set a restrictive umask so new files are only read/write by owner.
Coverity CID 221402
Diffstat (limited to 'logsrvd/logsrvd.c')
-rw-r--r-- | logsrvd/logsrvd.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c index 55373d925..12ec8a8e5 100644 --- a/logsrvd/logsrvd.c +++ b/logsrvd/logsrvd.c @@ -2049,6 +2049,9 @@ main(int argc, char *argv[]) bindtextdomain("sudo", LOCALEDIR); /* XXX - add logsrvd domain */ textdomain("sudo"); + /* Create files readable/writable only by owner. */ + umask(S_IRWXG|S_IRWXO); + /* Register fatal/fatalx callback. */ sudo_fatal_callback_register(logsrvd_cleanup); |