bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Set umask before mkstemp() for some versions of glibc

Browse Source
This commit is contained in:
Mukund Sivaraman 2008-08-24 11:27:38 +05:30
parent 62ddbd5e74
commit fce253253a
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/daemon.c
View File

@ -42,7 +42,7 @@ makedaemon(void)
exit(0); exit(0);
chdir("/"); chdir("/");
umask(077); umask(0177);
#if NDEBUG #if NDEBUG
/* /*

5
src/tinyproxy.c
View File

@ -188,6 +188,11 @@ main(int argc, char **argv)
} }
#endif /* HAVE_SETRLIMIT */ #endif /* HAVE_SETRLIMIT */
/* Only allow u+rw bits. This may be required for some versions
* of glibc so that mkstemp() doesn't make us vulnerable.
*/
umask(0177);
/* Default configuration file location */ /* Default configuration file location */
config.config_file = DEFAULT_CONF_FILE; config.config_file = DEFAULT_CONF_FILE;