Matej Habrnal fa1950
From 35fe31aceb8221fd8bd8ea8d48d1bb4f0fbdf837 Mon Sep 17 00:00:00 2001
Matej Habrnal fa1950
From: Jakub Filak <jfilak@redhat.com>
Matej Habrnal fa1950
Date: Wed, 29 Apr 2015 14:13:57 +0200
Matej Habrnal fa1950
Subject: [PATCH] a-a-i-d-t-a-cache: sanitize umask
Matej Habrnal fa1950
Matej Habrnal fa1950
We cannot trust anything when running suided program.
Matej Habrnal fa1950
Matej Habrnal fa1950
Related: #1216962
Matej Habrnal fa1950
Matej Habrnal fa1950
Signed-off-by: Jakub Filak <jfilak@redhat.com>
Matej Habrnal fa1950
---
Matej Habrnal fa1950
 src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c | 3 +++
Matej Habrnal fa1950
 1 file changed, 3 insertions(+)
Matej Habrnal fa1950
Matej Habrnal fa1950
diff --git a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
Matej Habrnal fa1950
index 4fa1783..81b1486 100644
Matej Habrnal fa1950
--- a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
Matej Habrnal fa1950
+++ b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
Matej Habrnal fa1950
@@ -199,6 +199,9 @@ int main(int argc, char **argv)
Matej Habrnal fa1950
         if (euid != 0)
Matej Habrnal fa1950
             strcpy(path_env, "PATH=/usr/bin:/bin:"BIN_DIR);
Matej Habrnal fa1950
         putenv(path_env);
Matej Habrnal fa1950
+
Matej Habrnal fa1950
+        /* Use safe umask */
Matej Habrnal fa1950
+        umask(0022);
Matej Habrnal fa1950
     }
Matej Habrnal fa1950
 
Matej Habrnal fa1950
     execvp(EXECUTABLE, (char **)args);
Matej Habrnal fa1950
-- 
Matej Habrnal fa1950
2.1.0
Matej Habrnal fa1950