mirror of
git://git.sv.gnu.org/emacs.git
synced 2025-12-15 10:30:25 -08:00
* movemail.c: Don't grant more read permissions than necessary.
The old 0333 dates back to before we called setuid, so it was needed back then to ensure user-readability, but 0377 should suffice now.
This commit is contained in:
Paul Eggert
parent
f58afc72bd
commit
9e3edd30c3
2 changed files with 7 additions and 3 deletions
|
|
@ -2,6 +2,10 @@
|
||||||
|
|
||||||
* movemail.c (main): Call umask on all systems.
|
* movemail.c (main): Call umask on all systems.
|
||||||
This is OK since Emacs already assumes umask elsewhere.
|
This is OK since Emacs already assumes umask elsewhere.
|
||||||
|
Don't grant more read permissions than necessary.
|
||||||
|
The old 0333 dates back to before we called setuid,
|
||||||
|
so it was needed back then to ensure user-readability,
|
||||||
|
but 0377 should suffice now.
|
||||||
|
|
||||||
2013-02-08 Paul Eggert <eggert@cs.ucla.edu>
|
2013-02-08 Paul Eggert <eggert@cs.ucla.edu>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -380,9 +380,9 @@ main (int argc, char **argv)
|
||||||
if (indesc < 0)
|
if (indesc < 0)
|
||||||
pfatal_with_name (inname);
|
pfatal_with_name (inname);
|
||||||
|
|
||||||
/* In case movemail is setuid to root, make sure the user can
|
/* Make sure the user can read the output file. */
|
||||||
read the output file. */
|
umask (umask (0) & 0377);
|
||||||
umask (umask (0) & 0333);
|
|
||||||
outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
|
outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
|
||||||
if (outdesc < 0)
|
if (outdesc < 0)
|
||||||
pfatal_with_name (outname);
|
pfatal_with_name (outname);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue