From c1e90e3b6d2998e61579e95c37cead1502b45daa Mon Sep 17 00:00:00 2001
From: Can Erkin Acar <canacar@cvs.openbsd.org>
Date: Sun, 18 Jan 2004 14:21:53 +0000
Subject: Create log files if they do not already exist, but do not follow
 symlinks. ok markus@

---
 sbin/pflogd/privsep.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'sbin')

diff --git a/sbin/pflogd/privsep.c b/sbin/pflogd/privsep.c
index 0eb244ba35a..158255d3272 100644
--- a/sbin/pflogd/privsep.c
+++ b/sbin/pflogd/privsep.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: privsep.c,v 1.5 2004/01/15 20:10:43 canacar Exp $	*/
+/*	$OpenBSD: privsep.c,v 1.6 2004/01/18 14:21:52 canacar Exp $	*/
 
 /*
  * Copyright (c) 2003 Can Erkin Acar
@@ -141,9 +141,10 @@ priv_init(void)
 		case PRIV_OPEN_LOG:
 			logmsg(LOG_DEBUG,
 			    "[priv]: msg PRIV_OPEN_LOG received");
-
-			/* XXX */
-			fd = open(filename, O_RDWR|O_APPEND|O_NONBLOCK, 0);
+			/* create or append logs but do not follow symlinks */
+			fd = open(filename,
+			    O_RDWR|O_CREAT|O_APPEND|O_NONBLOCK|O_NOFOLLOW,
+			    0600);
 			if (fd < 0)
 				logmsg(LOG_NOTICE,
 				    "[priv]: failed to open %s: %s",
-- 
cgit v1.2.3