Set umask to be less restrictive before creating parent directories.

Otherwise we could end up creating them with a more restrictive mode than indended. Coverity CID 221592
author: Todd C. Miller <Todd.Miller@sudo.ws> 2021-08-14 10:49:51 -0600
committer: Todd C. Miller <Todd.Miller@sudo.ws> 2021-08-14 10:49:51 -0600
commit: f2101d4a8558dfd5b163313de43655ea0583f34e (patch)
tree: 8035309042b96a9c59fc4bb090ce9c478c4189f9 /logsrvd/logsrvd.c
parent: 8c9c2610b0b43363f7a6068647505f0123b3d69d (diff)
download: sudo-f2101d4a8558dfd5b163313de43655ea0583f34e.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c
index 20929af00..19d8b3152 100644
--- a/logsrvd/logsrvd.c
+++ b/logsrvd/logsrvd.c
@@ -1751,12 +1751,16 @@ write_pidfile(void)
     FILE *fp;
     int fd;
     bool success;
+    mode_t oldmask;
     char *pid_file = (char *)logsrvd_conf_pid_file();
     debug_decl(write_pidfile, SUDO_DEBUG_UTIL);
 
     if (pid_file == NULL)
 	debug_return;
 
+    /* Default logsrvd umask is more restrictive (077). */
+    oldmask = umask(S_IWGRP|S_IWOTH);
+
     /* sudo_mkdir_parents() modifies the path but restores it before return. */
     success = sudo_mkdir_parents(pid_file, ROOT_UID, ROOT_GID,
 	S_IRWXU|S_IXGRP|S_IXOTH, false);
@@ -1774,6 +1778,8 @@ write_pidfile(void)
 	    fclose(fp);
 	}
     }
+    umask(oldmask);
+
     debug_return;
 }
author	Todd C. Miller <Todd.Miller@sudo.ws>	2021-08-14 10:49:51 -0600
committer	Todd C. Miller <Todd.Miller@sudo.ws>	2021-08-14 10:49:51 -0600
commit	f2101d4a8558dfd5b163313de43655ea0583f34e (patch)
tree	8035309042b96a9c59fc4bb090ce9c478c4189f9 /logsrvd/logsrvd.c
parent	8c9c2610b0b43363f7a6068647505f0123b3d69d (diff)
download	sudo-f2101d4a8558dfd5b163313de43655ea0583f34e.tar.gz