From 7cefcfe3b03f8c4bf6e6489f24f9e667f6593120 Mon Sep 17 00:00:00 2001
From: ache <ache@FreeBSD.org>
Date: Fri, 29 Jul 2005 09:59:24 +0000
Subject: Create /etc/opiekeys with 0600, not 0644

PR:     84221
---
 contrib/opie/libopie/readrec.c  | 4 +++-
 contrib/opie/libopie/writerec.c | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'contrib/opie')

diff --git a/contrib/opie/libopie/readrec.c b/contrib/opie/libopie/readrec.c
index 98ec658..f56af7f 100644
--- a/contrib/opie/libopie/readrec.c
+++ b/contrib/opie/libopie/readrec.c
@@ -14,6 +14,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
 		support. Fixed a debug message typo. Keep going after bogus
                 records. Set read flag.
 	Created by cmetz for OPIE 2.3.
+
+$FreeBSD$
 */
 #include "opie_cfg.h"
 
@@ -94,7 +96,7 @@ int __opiereadrec FUNCTION((opie), struct opie *opie)
   FILE *f = NULL;
   int rval = -1;
 
-  if (!(f = __opieopen(KEY_FILE, 0, 0644))) {
+  if (!(f = __opieopen(KEY_FILE, 0, 0600))) {
 #if DEBUG
     syslog(LOG_DEBUG, "__opiereadrec: __opieopen(KEY_FILE..) failed!");
 #endif /* DEBUG */
diff --git a/contrib/opie/libopie/writerec.c b/contrib/opie/libopie/writerec.c
index 5ba53fe..3d88b34 100644
--- a/contrib/opie/libopie/writerec.c
+++ b/contrib/opie/libopie/writerec.c
@@ -13,6 +13,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
 	Modified by cmetz for OPIE 2.31. Removed active attack protection
 		support. Fixed passwd bug.
 	Created by cmetz for OPIE 2.3 from passwd.c.
+
+$FreeBSD$
 */
 #include "opie_cfg.h"
 
@@ -65,13 +67,13 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
 
   switch(i) {
   case 0:
-    if (!(f = __opieopen(KEY_FILE, 1, 0644)))
+    if (!(f = __opieopen(KEY_FILE, 1, 0600)))
       return -1;
     if (fseek(f, opie->opie_recstart, SEEK_SET))
       return -1;
     break;
   case 1:
-    if (!(f = __opieopen(KEY_FILE, 2, 0644)))
+    if (!(f = __opieopen(KEY_FILE, 2, 0600)))
       return -1;
     break;
   default:
-- 
cgit v1.1