Force umask to 077 (instead of 000) during the edit phase, to get

secure permissions in case the user attempts to save something to
a file of his own.

Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.

PR:		misc/11797

2 files changed, 6 insertions, 5 deletions

diff --git a/usr.sbin/vipw/pw_util.c b/usr.sbin/vipw/pw_util.c
index cdfcc4d..5930342 100644
--- a/usr.sbin/vipw/pw_util.c
+++ b/usr.sbin/vipw/pw_util.c
@@ -36,7 +36,7 @@
 static const char sccsid[] = "@(#)pw_util.c	8.3 (Berkeley) 4/2/94";
 #endif
 static const char rcsid[] =
-	"$Id: pw_util.c,v 1.13 1998/12/13 01:39:32 dillon Exp $";
+	"$Id: pw_util.c,v 1.14 1999/06/26 07:16:38 sheldonh Exp $";
 #endif /* not lint */
 
 /*
@@ -103,9 +103,6 @@ pw_init()
 	(void)signal(SIGQUIT, SIG_IGN);
 	(void)signal(SIGTERM, SIG_IGN);
 	(void)signal(SIGCONT, pw_cont);
-
-	/* Create with exact permissions. */
-	(void)umask(0);
 }
 
 int
diff --git a/usr.sbin/vipw/vipw.c b/usr.sbin/vipw/vipw.c
index e7d8778..dc04d06 100644
--- a/usr.sbin/vipw/vipw.c
+++ b/usr.sbin/vipw/vipw.c
@@ -42,7 +42,7 @@ static const char copyright[] =
 static char sccsid[] = "@(#)vipw.c	8.3 (Berkeley) 4/2/94";
 #endif
 static const char rcsid[] =
-	"$Id: vipw.c,v 1.6 1999/06/26 07:16:42 sheldonh Exp $";
+	"$Id: vipw.c,v 1.7 1999/06/26 10:45:06 sheldonh Exp $";
 #endif /* not lint */
 
 #include <sys/types.h>
@@ -100,10 +100,14 @@ main(argc, argv)
 		usage();
 
 	pw_init();
+	/* Create with exact permissions. */
+	(void)umask(0);
 	pfd = pw_lock();
 	tfd = pw_tmp();
 	copyfile(pfd, tfd);
 	(void)close(tfd);
+	/* Force umask for partial writes made in the edit phase */
+	(void)umask(077);
 
 	for (;;) {
 		if (stat(tempname, &begin))