summaryrefslogtreecommitdiff
path: root/src/tinyproxy.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/tinyproxy.c')
-rw-r--r--src/tinyproxy.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/tinyproxy.c b/src/tinyproxy.c
index 88bc9d3..f3bf169 100644
--- a/src/tinyproxy.c
+++ b/src/tinyproxy.c
@@ -188,6 +188,11 @@ main(int argc, char **argv)
}
#endif /* HAVE_SETRLIMIT */
+ /* Only allow u+rw bits. This may be required for some versions
+ * of glibc so that mkstemp() doesn't make us vulnerable.
+ */
+ umask(0177);
+
/* Default configuration file location */
config.config_file = DEFAULT_CONF_FILE;