summaryrefslogtreecommitdiffstats
path: root/src/p11_child
Commit message (Collapse)AuthorAgeFilesLines
* P11_CHILD_NSS: More restrictive permissionsPetr Cech2015-10-141-1/+5
| | | | | | | | | | | p11_child_nss runs as root and we must be carefull about security. This patch adds more restrictive permissions on it. There is no reason for 0077, so we use 0177 umask. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* REFACTOR: umask(077) --> umask(SSS_DFL_X_UMASK)Petr Cech2015-10-141-1/+1
| | | | | | | | | | | There are many calls of umask function with 077 argument. This patch add new constant SSS_DFL_X_UMASK which stands fot 077. So all occurences of umask(077) are replaced by constant SSS_DFL_X_UMASK. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* p11child: set restrictive umask and clear environmentJakub Hrozek2015-08-171-0/+3
| | | | | | | | | https://fedorahosted.org/sssd/ticket/2754 Before doing any calls, set a very restrictive umask and clear environment variables to harden p11child execution. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* Add NSS version of p11_childSumit Bose2015-07-311-0/+636
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-08 01:28:49 +0000