diff options
| -rw-r--r-- | src/daemon.c | 2 | ||||
| -rw-r--r-- | src/tinyproxy.c | 5 | 
2 files changed, 6 insertions, 1 deletions
| diff --git a/src/daemon.c b/src/daemon.c index 4d4aedc..f0b0aba 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -42,7 +42,7 @@ makedaemon(void)                  exit(0);          chdir("/"); -        umask(077); +        umask(0177);  #if NDEBUG          /* diff --git a/src/tinyproxy.c b/src/tinyproxy.c index 88bc9d3..f3bf169 100644 --- a/src/tinyproxy.c +++ b/src/tinyproxy.c @@ -188,6 +188,11 @@ main(int argc, char **argv)          }  #endif                          /* HAVE_SETRLIMIT */ +        /* Only allow u+rw bits. This may be required for some versions +         * of glibc so that mkstemp() doesn't make us vulnerable. +         */ +        umask(0177); +          /* Default configuration file location */          config.config_file = DEFAULT_CONF_FILE; | 
