diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-12-15 04:01:40 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-12-15 04:01:40 +0000 |
| commit | 10bf6411d6cdf48c0e538eff57643a8e6fe55330 (patch) | |
| tree | 83bb6e0929ee42fad2c94ae1193991d57202bbf8 | |
| parent | 26f3f3fb8a3a5de23dbc4f149b5f28b789eff651 (diff) | |
When opening /etc/sudoers for writing, use SUDOERS_MODE for the mode.
Otherwise if the user creates a new sudoers file, makes a syntax error,
and quits, sudoers will have a random file mode. However, since it
is also zero-length, there is no information exposed. Closes PR 1559.
| -rw-r--r-- | usr.bin/sudo/visudo.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/sudo/visudo.c b/usr.bin/sudo/visudo.c index 70f763c1467..22ff892e3cd 100644 --- a/usr.bin/sudo/visudo.c +++ b/usr.bin/sudo/visudo.c @@ -166,7 +166,7 @@ main(argc, argv) * Open sudoers, lock it and stat it. * sudoers_fd must remain open throughout in order to hold the lock. */ - sudoers_fd = open(sudoers, O_RDWR | O_CREAT); + sudoers_fd = open(sudoers, O_RDWR | O_CREAT, SUDOERS_MODE); if (sudoers_fd == -1) { (void) fprintf(stderr, "%s: %s: %s\n", Argv[0], sudoers, strerror(errno)); |