summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2000-12-15 04:01:40 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2000-12-15 04:01:40 +0000
commit10bf6411d6cdf48c0e538eff57643a8e6fe55330 (patch)
tree83bb6e0929ee42fad2c94ae1193991d57202bbf8 /usr.bin
parent26f3f3fb8a3a5de23dbc4f149b5f28b789eff651 (diff)
When opening /etc/sudoers for writing, use SUDOERS_MODE for the mode.
Otherwise if the user creates a new sudoers file, makes a syntax error, and quits, sudoers will have a random file mode. However, since it is also zero-length, there is no information exposed. Closes PR 1559.
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/sudo/visudo.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/sudo/visudo.c b/usr.bin/sudo/visudo.c
index 70f763c1467..22ff892e3cd 100644
--- a/usr.bin/sudo/visudo.c
+++ b/usr.bin/sudo/visudo.c
@@ -166,7 +166,7 @@ main(argc, argv)
* Open sudoers, lock it and stat it.
* sudoers_fd must remain open throughout in order to hold the lock.
*/
- sudoers_fd = open(sudoers, O_RDWR | O_CREAT);
+ sudoers_fd = open(sudoers, O_RDWR | O_CREAT, SUDOERS_MODE);
if (sudoers_fd == -1) {
(void) fprintf(stderr, "%s: %s: %s\n", Argv[0], sudoers,
strerror(errno));