summaryrefslogtreecommitdiff
path: root/src/child.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/child.c')
-rw-r--r--src/child.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/child.c b/src/child.c
index f8f56cb..1bb1802 100644
--- a/src/child.c
+++ b/src/child.c
@@ -78,6 +78,11 @@ _child_lock_init(void)
{
char lock_file[] = "/tmp/tinyproxy.servers.lock.XXXXXX";
+ /* Only allow u+rw bits. This may be required for some versions
+ * of glibc so that mkstemp() doesn't make us vulnerable.
+ */
+ umask(0177);
+
lock_fd = mkstemp(lock_file);
unlink(lock_file);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-08 09:30:29 +0000