Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755287Ab2HQTi3 (ORCPT ); Fri, 17 Aug 2012 15:38:29 -0400
Received: from 1010ds2-suoe.0.fullrate.dk ([90.184.90.115]:11216 "EHLO swampdragon.chaosbits.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752944Ab2HQTiW (ORCPT ); Fri, 17 Aug 2012 15:38:22 -0400
Date: Fri, 17 Aug 2012 21:38:20 +0200 (CEST)
From: Jesper Juhl
To: Tony Finch
cc: linux-kernel@vger.kernel.org
Subject: [PATCH] unifdef: set a secure umask before calling mkstemp()
Message-ID:
User-Agent: Alpine 2.00 (LNX 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1577
Lines: 45

In newer glibc's (versions > 2.06) reasonably secure permissions of 0600 are used when creating a temporary file with mkstemp(). But for older glibc's (versions <= 2.06) 0666 is used which is not secure.

To ensure that the temporary files created always have reasonably secure permissions, add a call to umask() that ensures we always set at most 0600 on the temporary file (and then restore the umask again so we don't interfere with anything that happens further on).

Signed-off-by: Jesper Juhl
--- scripts/unifdef.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/unifdef.c b/scripts/unifdef.c index 7493c0e..f9188fb 100644 --- a/scripts/unifdef.c +++ b/scripts/unifdef.c
@@ -342,9 +342,10 @@ main(int argc, char *argv[]) "%.*s/" TEMPLATE, (int)(dirsep - ofilename), ofilename); else - snprintf(tempname, sizeof(tempname), - TEMPLATE); + snprintf(tempname, sizeof(tempname), TEMPLATE); + mode_t mask = umask(S_IXUSR | S_IRWXG | S_IRWXO); ofd = mkstemp(tempname); + umask(mask); if (ofd != -1) output = fdopen(ofd, "wb+"); if (output == NULL) -- 1.7.11.4 -- Jesper Juhl http://www.chaosbits.net/ Don't top-post http://www.catb.org/jargon/html/T/top-post.html Plain text mails only, please.
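Review bot: `mode_t mask = umask(S_IXUSR | S_IRWXG | S_IRWXO);` is a declaration placed after the if/else that fills `tempname`, so it is a declaration after a statement in the middle of the block. Declare `mode_t mask;` with the other locals at the top of the enclosing block and keep only the assignment `mask = umask(...)` directly before `mkstemp(tempname)`. The patch touches one file and the visible hunk adds no `#include`, so please confirm that scripts/unifdef.c already pulls in `<sys/stat.h>` for `umask()` and the `S_I*` macros. Since `umask(mask)` now runs between `mkstemp()` and the `if (ofd != -1)` / `if (output == NULL)` checks, a short comment saying that the mask is restored unconditionally, on the failure path too, would help the next reader.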