1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
From: Christian Kastner <ckk@kvr.at>
Date: Fri, 25 Dec 2015 12:33:24 +0100
Subject: Set umask while editing crontab
When editing/replacing a crontab, set the umask to 077.
Forwarded: no
Last-Update: 2015-12-25
---
crontab.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/crontab.c b/crontab.c
index 7ec98d2..77e3949 100644
--- a/crontab.c
+++ b/crontab.c
@@ -317,6 +317,7 @@ edit_cmd() {
time_t mtime;
WAIT_T waiter;
PID_T pid, xpid;
+ mode_t um;
log_it(RealUser, Pid, "BEGIN EDIT", User);
(void) snprintf(n, MAX_FNAME, CRON_TAB(User));
@@ -333,6 +334,7 @@ edit_cmd() {
}
}
+ um = umask(077);
(void) snprintf(Filename, sizeof(Filename)-1, "/tmp/crontab.XXXXXX");
Filename[sizeof(Filename)-1] = '\0';
if (-1 == (t = mkstemp(Filename))) {
@@ -347,6 +349,8 @@ edit_cmd() {
perror("fchown");
goto fatal;
}
+
+ (void) umask(um);
if (!(NewCrontab = fdopen(t, "r+"))) {
perror("fdopen");
goto fatal;
@@ -530,6 +534,7 @@ replace_cmd() {
entry *e;
time_t now = time(NULL);
char **envp = env_init();
+ mode_t um;
if (envp == NULL) {
fprintf(stderr, "%s: Cannot allocate memory.\n", ProgramName);
@@ -547,6 +552,7 @@ replace_cmd() {
signal(SIGTSTP, SIG_IGN);
(void) snprintf(tn, MAX_FNAME, CRON_TAB("tmp.XXXXXX"));
+ um = umask(077);
fd = mkstemp(tn);
if (fd < 0) {
fprintf(stderr, "%s/: mkstemp: %s\n", CRONDIR, strerror(errno));
@@ -557,6 +563,7 @@ replace_cmd() {
fprintf(stderr, "%s/: fdopen: %s\n", CRONDIR, strerror(errno));
return (-2);
}
+ (void) umask(um);
/* write a signature at the top of the file.
*
|
