forked from pool/ipmitool
49 lines
1.3 KiB
Diff
49 lines
1.3 KiB
Diff
|
Fix security hole -> wrong file permission
|
||
|
|
||
|
Reference:
|
||
|
https://bugzillafiles.novell.org/attachment.cgi?id=206754&t=hMTMCz2m9Q
|
||
|
|
||
|
Signed-off-by: Thomas Renninger <trenn@suse.de>
|
||
|
Signed-off-by: Wilken Gottwalt <ajohansson@novell.com>
|
||
|
|
||
|
|
||
|
---
|
||
|
lib/helper.c | 1 -
|
||
|
src/ipmievd.c | 3 +++
|
||
|
2 files changed, 3 insertions(+), 1 deletion(-)
|
||
|
|
||
|
Index: ipmitool-1.8.11/lib/helper.c
|
||
|
===================================================================
|
||
|
--- ipmitool-1.8.11.orig/lib/helper.c
|
||
|
+++ ipmitool-1.8.11/lib/helper.c
|
||
|
@@ -427,7 +427,6 @@ ipmi_start_daemon(struct ipmi_intf *intf
|
||
|
#endif
|
||
|
|
||
|
chdir("/");
|
||
|
- umask(0);
|
||
|
|
||
|
for (fd=0; fd<64; fd++) {
|
||
|
if (fd != intf->fd)
|
||
|
Index: ipmitool-1.8.11/src/ipmievd.c
|
||
|
===================================================================
|
||
|
--- ipmitool-1.8.11.orig/src/ipmievd.c
|
||
|
+++ ipmitool-1.8.11/src/ipmievd.c
|
||
|
@@ -687,6 +687,7 @@ ipmievd_main(struct ipmi_event_intf * ei
|
||
|
int i, rc;
|
||
|
int daemon = 1;
|
||
|
struct sigaction act;
|
||
|
+ mode_t oldumask;
|
||
|
|
||
|
memset(pidfile, 0, 64);
|
||
|
sprintf(pidfile, "%s%d", DEFAULT_PIDFILE, eintf->intf->devnum);
|
||
|
@@ -744,7 +745,9 @@ ipmievd_main(struct ipmi_event_intf * ei
|
||
|
}
|
||
|
}
|
||
|
|
||
|
+ oldumask = umask(022);
|
||
|
fp = ipmi_open_file_write(pidfile);
|
||
|
+ umask(oldumask);
|
||
|
if (fp != NULL) {
|
||
|
fprintf(fp, "%d\n", (int)getpid());
|
||
|
fclose(fp);
|