Add umask before mkstemp() call in SSH responder

author: Jan Zeleny <jzeleny@redhat.com> 2012-03-07 07:54:49 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2012-04-09 10:02:39 -0400
commit: 727707b49be111731e96993f4209d163bc73f41d (patch)
tree: 8d43f5ea9dd1b7b5dfc39a15afabb70483dfe408
parent: 91547076daa42c361943b048a355c70e7fd5170c (diff)
download: sssd-727707b49be111731e96993f4209d163bc73f41d.tar.gz
sssd-727707b49be111731e96993f4209d163bc73f41d.tar.xz
sssd-727707b49be111731e96993f4209d163bc73f41d.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index 9d553f73e..cae0b87c0 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -439,6 +439,7 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
     int fd = -1;
     char *filename, *pubkey, *line;
     ssize_t wret;
+    mode_t old_mask;
 
     tmp_ctx = talloc_new(NULL);
     if (!tmp_ctx) {
@@ -452,7 +453,9 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
         goto done;
     }
 
+    old_mask = umask(0133);
     fd = mkstemp(filename);
+    umask(old_mask);
     if (fd == -1) {
         filename = NULL;
         ret = errno;
author	Jan Zeleny <jzeleny@redhat.com>	2012-03-07 07:54:49 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2012-04-09 10:02:39 -0400
commit	727707b49be111731e96993f4209d163bc73f41d (patch)
tree	8d43f5ea9dd1b7b5dfc39a15afabb70483dfe408
parent	91547076daa42c361943b048a355c70e7fd5170c (diff)
download	sssd-727707b49be111731e96993f4209d163bc73f41d.tar.gz sssd-727707b49be111731e96993f4209d163bc73f41d.tar.xz sssd-727707b49be111731e96993f4209d163bc73f41d.zip