util/create_tmpfile: set restrictive umask for these files

Even if the file is removed right away, a race with someone using inotify is definitely possible, so play safe and restrict umask for our tmpfiles Found through static analysis.
author: Dominique Martinet <asmadeus@codewreck.org> 2018-06-30 10:55:33 +0900
committer: Dominique Martinet <asmadeus@codewreck.org> 2018-06-30 11:38:21 +0900
commit: 399de4d11bb36b71fdfb5f1a06e74cf7c4e6831c (patch)
tree: 950408dee292c3009fa0b213840be7877412d811
parent: efef54ccf56b298e935b8707c6808e7f4eebd030 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/util/os-compatibility.c b/util/os-compatibility.c
index bd3067d2..38333605 100644
--- a/util/os-compatibility.c
+++ b/util/os-compatibility.c
@@ -29,6 +29,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
 #include "util/os-compatibility.h"
@@ -61,6 +62,7 @@ int create_tmpfile_cloexec(char *tmpname)
 {
 	int fd;
 
+	mode_t prev_umask = umask(0066);
 #ifdef HAVE_MKOSTEMP
 	fd = mkostemp(tmpname, O_CLOEXEC);
 	if (fd >= 0)
@@ -72,6 +74,7 @@ int create_tmpfile_cloexec(char *tmpname)
 		unlink(tmpname);
 	}
 #endif
+	umask(prev_umask);
 
 	return fd;
 }
author	Dominique Martinet <asmadeus@codewreck.org>	2018-06-30 10:55:33 +0900
committer	Dominique Martinet <asmadeus@codewreck.org>	2018-06-30 11:38:21 +0900
commit	399de4d11bb36b71fdfb5f1a06e74cf7c4e6831c (patch)
tree	950408dee292c3009fa0b213840be7877412d811
parent	efef54ccf56b298e935b8707c6808e7f4eebd030 (diff)