From 781a967c2f1a2fc2c65f4ea96cfdf549dfc971f4 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@mit.edu>
Date: Sun, 3 Mar 2002 01:10:01 +0000
Subject: Set umask to 077 to avoid public srvtabs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14213 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/kadmin/ktutil/ChangeLog      | 6 ++++++
 src/kadmin/ktutil/ktutil_funcs.c | 3 +++
 2 files changed, 9 insertions(+)

(limited to 'src')

diff --git a/src/kadmin/ktutil/ChangeLog b/src/kadmin/ktutil/ChangeLog
index e7bc046c3f..e3b63c3ff9 100644
--- a/src/kadmin/ktutil/ChangeLog
+++ b/src/kadmin/ktutil/ChangeLog
@@ -1,3 +1,9 @@
+2002-03-02  Sam Hartman  <hartmans@mit.edu>
+
+	* ktutil_funcs.c (ktutil_write_srvtab): Set umask to 077 to avoid
+	public srvtabs.
+	
+
 2001-10-09  Ken Raeburn  <raeburn@mit.edu>
 
 	* ktutil.h: Make prototypes unconditional.
diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c
index 94d5b5e7d0..3d8f0d695a 100644
--- a/src/kadmin/ktutil/ktutil_funcs.c
+++ b/src/kadmin/ktutil/ktutil_funcs.c
@@ -508,6 +508,9 @@ krb5_error_code ktutil_write_srvtab(context, list, name)
 	    /* Check if lp->entry is newer kvno; if so, update */
 	    lp1->entry = lp->entry;
     }
+    umask(0077); /*Changing umask for all of ktutil is OK
+		  * We don't ever write out anything that should use
+		  * default umask.*/
     fp = fopen(name, "w");
     if (!fp) {
 	retval = EIO;
-- 
cgit