summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorMukund Sivaraman <muks@banu.com>2008-08-24 11:47:50 +0530
committerMukund Sivaraman <muks@banu.com>2008-08-24 11:47:50 +0530
commitfadb98ee552dae6bd5ac8dc7e9e9b78f3f656af6 (patch)
tree140da5955fdfc018050badb7b0681bd0374cc203
parent82cd6c765b2558f866d046cfe769d3e9ff5681eb (diff)
Add more calls to umask() before mkstemp()
-rw-r--r--src/child.c5
-rw-r--r--src/heap.c5
2 files changed, 10 insertions, 0 deletions
diff --git a/src/child.c b/src/child.c
index f8f56cb..1bb1802 100644
--- a/src/child.c
+++ b/src/child.c
@@ -78,6 +78,11 @@ _child_lock_init(void)
{
char lock_file[] = "/tmp/tinyproxy.servers.lock.XXXXXX";
+ /* Only allow u+rw bits. This may be required for some versions
+ * of glibc so that mkstemp() doesn't make us vulnerable.
+ */
+ umask(0177);
+
lock_fd = mkstemp(lock_file);
unlink(lock_file);
diff --git a/src/heap.c b/src/heap.c
index e6b2353..2cb8c82 100644
--- a/src/heap.c
+++ b/src/heap.c
@@ -116,6 +116,11 @@ malloc_shared_memory(size_t size)
strlcpy(buffer, shared_file, sizeof(buffer));
+ /* Only allow u+rw bits. This may be required for some versions
+ * of glibc so that mkstemp() doesn't make us vulnerable.
+ */
+ umask(0177);
+
if ((fd = mkstemp(buffer)) == -1)
return MAP_FAILED;
unlink(buffer);