* movemail.c: Don't grant more read permissions than necessary.

The old 0333 dates back to before we called setuid, so it was needed back then to ensure user-readability, but 0377 should suffice now.
2025-12-06 06:20:55 -08:00 · 2013-03-12 18:05:40 -07:00 · 2013-03-12 18:05:40 -07:00 · 9e3edd30c3
commit 9e3edd30c3
parent f58afc72bd
2 changed files with 7 additions and 3 deletions
--- a/lib-src/movemail.c
+++ b/lib-src/movemail.c
@ -380,9 +380,9 @@ main (int argc, char **argv)
      if (indesc < 0)
 	pfatal_with_name (inname);

-      /* In case movemail is setuid to root, make sure the user can
-	 read the output file.  */
-      umask (umask (0) & 0333);
+      /* Make sure the user can read the output file.  */
+      umask (umask (0) & 0377);
+
      outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
      if (outdesc < 0)
 	pfatal_with_name (outname);