[PATCH] lib/file: remove mkstemp umask in copy_file_secure_dest
Brett Grandbois
brett.grandbois at opengear.com
Thu May 3 16:02:04 AEST 2018
mkstemp will generate the temp file with permissions 0600 so the
umask(0644) is causing the file to have permissions of 0000, making
signature files unreadable
Signed-off-by: Brett Grandbois <brett.grandbois at opengear.com>
---
lib/file/file.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/lib/file/file.c b/lib/file/file.c
index 57a2519..b575d34 100644
--- a/lib/file/file.c
+++ b/lib/file/file.c
@@ -44,7 +44,6 @@ int copy_file_secure_dest(void *ctx, const char *source_file,
unsigned char *buffer;
ssize_t r;
size_t l1;
- mode_t oldmask;
source_handle = fopen(source_file, "r");
if (!source_handle) {
@@ -53,9 +52,7 @@ int copy_file_secure_dest(void *ctx, const char *source_file,
return -1;
}
- oldmask = umask(0644);
destination_fd = mkstemp(template);
- umask(oldmask);
if (destination_fd < 0) {
pb_log("%s: unable to create temp file, %m\n", __func__);
fclose(source_handle);
--
2.7.4
More information about the Petitboot
mailing list