diff options
author | Mukund Sivaraman <muks@banu.com> | 2008-08-24 11:27:38 +0530 |
---|---|---|
committer | Mukund Sivaraman <muks@banu.com> | 2008-08-24 11:27:38 +0530 |
commit | fce253253a13f8aa010429443708043ea6d9d361 (patch) | |
tree | ac09ea0dea5c711c70fef3e66b0bc25cfe71aca1 /src/tinyproxy.c | |
parent | 62ddbd5e7491c4a751f0a4523b1d9d7acaeba9dd (diff) | |
download | tinyproxy-fce253253a13f8aa010429443708043ea6d9d361.tar.gz tinyproxy-fce253253a13f8aa010429443708043ea6d9d361.zip |
Set umask before mkstemp() for some versions of glibc
Diffstat (limited to 'src/tinyproxy.c')
-rw-r--r-- | src/tinyproxy.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/tinyproxy.c b/src/tinyproxy.c index 88bc9d3..f3bf169 100644 --- a/src/tinyproxy.c +++ b/src/tinyproxy.c @@ -188,6 +188,11 @@ main(int argc, char **argv) } #endif /* HAVE_SETRLIMIT */ + /* Only allow u+rw bits. This may be required for some versions + * of glibc so that mkstemp() doesn't make us vulnerable. + */ + umask(0177); + /* Default configuration file location */ config.config_file = DEFAULT_CONF_FILE; |