diff options
author | pb <pb@FreeBSD.org> | 1999-06-26 12:15:39 +0000 |
---|---|---|
committer | pb <pb@FreeBSD.org> | 1999-06-26 12:15:39 +0000 |
commit | 2f10423ca8c93d41886e4a2029555624613fa43f (patch) | |
tree | 8b2d185387b980567968ea73c2269ee9dd82ed99 /usr.sbin/vipw/vipw.c | |
parent | 418f613da58f1a5e74d32645bcde00a5fcca9bb2 (diff) | |
download | FreeBSD-src-2f10423ca8c93d41886e4a2029555624613fa43f.zip FreeBSD-src-2f10423ca8c93d41886e4a2029555624613fa43f.tar.gz |
Force umask to 077 (instead of 000) during the edit phase, to get
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
Diffstat (limited to 'usr.sbin/vipw/vipw.c')
-rw-r--r-- | usr.sbin/vipw/vipw.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.sbin/vipw/vipw.c b/usr.sbin/vipw/vipw.c index e7d8778..dc04d06 100644 --- a/usr.sbin/vipw/vipw.c +++ b/usr.sbin/vipw/vipw.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)vipw.c 8.3 (Berkeley) 4/2/94"; #endif static const char rcsid[] = - "$Id: vipw.c,v 1.6 1999/06/26 07:16:42 sheldonh Exp $"; + "$Id: vipw.c,v 1.7 1999/06/26 10:45:06 sheldonh Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -100,10 +100,14 @@ main(argc, argv) usage(); pw_init(); + /* Create with exact permissions. */ + (void)umask(0); pfd = pw_lock(); tfd = pw_tmp(); copyfile(pfd, tfd); (void)close(tfd); + /* Force umask for partial writes made in the edit phase */ + (void)umask(077); for (;;) { if (stat(tempname, &begin)) |