From: Paul Mackerras <paulus@samba.org>
Date: Mon, 15 Nov 1999 03:55:37 +0000 (+0000)
Subject: create log file safely, don't create world-writable files
X-Git-Tag: ppp-2.4.7~599
X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=commitdiff_plain;h=3943299d6eea2ce36d9e32d83b5d8aa168e6f68c

create log file safely, don't create world-writable files
---

diff --git a/pppd/main.c b/pppd/main.c
index e5d2977..4de4b99 100644
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -17,7 +17,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID	"$Id: main.c,v 1.86 1999/09/11 12:08:57 paulus Exp $"
+#define RCSID	"$Id: main.c,v 1.87 1999/11/15 03:55:37 paulus Exp $"
 
 #include <stdio.h>
 #include <ctype.h>
@@ -252,6 +252,9 @@ main(argc, argv)
     }
     hostname[MAXNAMELEN-1] = 0;
 
+    /* make sure we don't create world or group writable files. */
+    umask(umask(0777) | 022);
+
     uid = getuid();
     privileged = uid == 0;
     slprintf(numbuf, sizeof(numbuf), "%d", uid);
diff --git a/pppd/options.c b/pppd/options.c
index 6fd750f..66770a5 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -17,7 +17,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID	"$Id: options.c,v 1.67 1999/11/15 01:51:52 paulus Exp $"
+#define RCSID	"$Id: options.c,v 1.68 1999/11/15 03:55:37 paulus Exp $"
 
 #include <ctype.h>
 #include <stdio.h>
@@ -1523,7 +1523,9 @@ setlogfile(argv)
 
     if (!privileged_option)
 	seteuid(getuid());
-    fd = open(*argv, O_WRONLY | O_APPEND);
+    fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
+    if (fd < 0 && errno == EEXIST)
+	fd = open(*argv, O_WRONLY | O_APPEND);
     err = errno;
     if (!privileged_option)
 	seteuid(0);