From: Brett Grandbois <brett.grandbois@opengear.com>
Date: Thu, 3 May 2018 06:02:04 +0000 (+1000)
Subject: lib/file: remove mkstemp umask in copy_file_secure_dest
X-Git-Tag: v1.8.0~5
X-Git-Url: http://git.ozlabs.org/?p=petitboot;a=commitdiff_plain;h=17d9d54a46beab44db751b9bcf7f289b9bf101cf;ds=sidebyside

lib/file: remove mkstemp umask in copy_file_secure_dest

mkstemp will generate the temp file with permissions 0600 so the
umask(0644) is causing the file to have permissions of 0000, making
signature files unreadable

Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
---

diff --git a/lib/file/file.c b/lib/file/file.c
index 57a2519..b575d34 100644
--- a/lib/file/file.c
+++ b/lib/file/file.c
@@ -44,7 +44,6 @@ int copy_file_secure_dest(void *ctx, const char *source_file,
 	unsigned char *buffer;
 	ssize_t r;
 	size_t l1;
-	mode_t oldmask;
 
 	source_handle = fopen(source_file, "r");
 	if (!source_handle) {
@@ -53,9 +52,7 @@ int copy_file_secure_dest(void *ctx, const char *source_file,
 			return -1;
 	}
 
-	oldmask = umask(0644);
 	destination_fd = mkstemp(template);
-	umask(oldmask);
 	if (destination_fd < 0) {
 		pb_log("%s: unable to create temp file, %m\n", __func__);
 		fclose(source_handle);