From 7adcfc961d3ccb051da87cc95d76cd3344f00fb8 Mon Sep 17 00:00:00 2001
From: Jaco Kroon <jaco@uls.co.za>
Date: Sat, 18 Sep 2021 04:02:54 +0200
Subject: [PATCH] radattr: tighten permissions on radattr file to avoid
 information leakage. (#290)

Depending on the invoking process's umask it's possible that the radattr
file (which in certain cases can contain crytographic keys) be stored
with permissions such that world-read access is possible, resulting in
sensitive information being leaked to local users.

Signed-off-by: Jaco Kroon <jaco@uls.co.za>
Co-authored-by: Jaco Kroon <jaco@iewc.co.za>
---
 pppd/plugins/radius/radattr.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pppd/plugins/radius/radattr.c b/pppd/plugins/radius/radattr.c
index 1dee313..f6a7874 100644
--- a/pppd/plugins/radius/radattr.c
+++ b/pppd/plugins/radius/radattr.c
@@ -24,6 +24,8 @@ static char const RCSID[] =
 #include "pppd.h"
 #include "radiusclient.h"
 #include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 
 extern void (*radius_attributes_hook)(VALUE_PAIR *);
 static void print_attributes(VALUE_PAIR *);
@@ -75,9 +77,12 @@ print_attributes(VALUE_PAIR *vp)
     char name[2048];
     char value[2048];
     int cnt = 0;
+    mode_t old_umask;
 
     slprintf(fname, sizeof(fname), "/var/run/radattr.%s", ifname);
+    old_umask = umask(077);
     fp = fopen(fname, "w");
+    umask(old_umask);
     if (!fp) {
 	warn("radattr plugin: Could not open %s for writing: %m", fname);
 	return;
-- 
2.39.2