diff options
author | Darren Tucker <dtucker@cvs.openbsd.org> | 2008-06-14 17:07:12 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2008-06-14 17:07:12 +0000 |
commit | e33092522f0ba54db20a7e607cb314dde9fb9970 (patch) | |
tree | d1cda066d9cb157ad8cda0e98a951b25bdaa2f2e /usr.bin | |
parent | 5517050d393fc1226611013717d55d4779503b7d (diff) |
ensure default umask disallows at least group and world write; ok djm@
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/sshd.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index ebdc5074825..c27ae97d892 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.361 2008/06/14 15:49:48 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.362 2008/06/14 17:07:11 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1205,6 +1205,7 @@ main(int ac, char **av) int remote_port; char *line, *p, *cp; int config_s[2] = { -1 , -1 }; + mode_t new_umask; Key *key; Authctxt *authctxt; @@ -1508,6 +1509,10 @@ main(int ac, char **av) rexec_argv[rexec_argc + 1] = NULL; } + /* Ensure that umask disallows at least group and world write */ + new_umask = umask(0077) | 0022; + (void) umask(new_umask); + /* Initialize the log (it is reinitialized below in case we forked). */ if (debug_flag && (!inetd_flag || rexeced_flag)) log_stderr = 1; |