From fadb98ee552dae6bd5ac8dc7e9e9b78f3f656af6 Mon Sep 17 00:00:00 2001
From: Mukund Sivaraman <muks@banu.com>
Date: Sun, 24 Aug 2008 11:47:50 +0530
Subject: Add more calls to umask() before mkstemp()

---
 src/child.c | 5 +++++
 src/heap.c  | 5 +++++
 2 files changed, 10 insertions(+)

(limited to 'src')

diff --git a/src/child.c b/src/child.c
index f8f56cb..1bb1802 100644
--- a/src/child.c
+++ b/src/child.c
@@ -78,6 +78,11 @@ _child_lock_init(void)
 {
         char lock_file[] = "/tmp/tinyproxy.servers.lock.XXXXXX";
 
+        /* Only allow u+rw bits. This may be required for some versions
+         * of glibc so that mkstemp() doesn't make us vulnerable.
+         */
+        umask(0177);
+
         lock_fd = mkstemp(lock_file);
         unlink(lock_file);
 
diff --git a/src/heap.c b/src/heap.c
index e6b2353..2cb8c82 100644
--- a/src/heap.c
+++ b/src/heap.c
@@ -116,6 +116,11 @@ malloc_shared_memory(size_t size)
 
         strlcpy(buffer, shared_file, sizeof(buffer));
 
+        /* Only allow u+rw bits. This may be required for some versions
+         * of glibc so that mkstemp() doesn't make us vulnerable.
+         */
+        umask(0177);
+
         if ((fd = mkstemp(buffer)) == -1)
                 return MAP_FAILED;
         unlink(buffer);
-- 
cgit v1.2.3