Various security related deltas from OpenBSD

dirs.c:
	From OpenBSD 1.2, 1.3, 1.5, 1.8, 1.10, 1.11, 1.12
	1.2:
		use unique temporary files; netbsd pr#2544;
		lukem@supp.cpr.itg.telecom.com.au
	1.3:
		updated patch from lukem@supp.cpr.itg.telecom.com.au
		to also make -r and -R work again
	1.5:
		mktemp open & fdopen
	1.8:
		/tmp// -> /tmp/
	1.10:
		Fix strncpy usage and correct strncat length field,
		from Theo.  Also change some occurrence of MAXPATHLEN
		with sizeof(foo).
	1.11:
		does noone know how to use strncat correctly?
	1.12:
		use mkstemp()
	From NetBSD:
		Use open rather than create so we can specify
		exclusive open mode.

main.c:
	From OpenBSD 1.2, 1.5
	1.2:
		From NetBSD: support $TAPE.
	1.5
		Set umask to be read only by owner until we set real
		file permissions.
tape.c:
	From NetBSD:
		Use open rather than create so we can specify
		exclusive open mode.

1 files changed, 6 insertions, 1 deletions

diff --git a/sbin/restore/main.c b/sbin/restore/main.c
index 936116e..a459945 100644
--- a/sbin/restore/main.c
+++ b/sbin/restore/main.c
@@ -82,13 +82,18 @@ main(argc, argv)
 {
 	int ch;
 	ino_t ino;
-	char *inputdev = _PATH_DEFTAPE;
+	char *inputdev;
 	char *symtbl = "./restoresymtable";
 	char *p, name[MAXPATHLEN];
 
+	/* Temp files should *not* be readable.  We set permissions later. */
+	(void) umask(077);
+
 	if (argc < 2)
 		usage();
 
+	if ((inputdev = getenv("TAPE")) == NULL)
+		inputdev = _PATH_DEFTAPE;
 	obsolete(&argc, &argv);
 	while ((ch = getopt(argc, argv, "b:cdf:himNRrs:tvxy")) != EOF)
 		switch(ch) {