[PATCH] Restrict mtab umask | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
This is openwall linux patch to restrict /etc/mtab permissions.
Signed-off-by: Alexey Gladkov <legion@xxxxxxxxxxxx>
---
mount/mount.c | 2 +-
mount/mount_mntent.c | 2 +-
mount/umount.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/mount/mount.c b/mount/mount.c
index bed792d..297a8ad 100644
--- a/mount/mount.c
+++ b/mount/mount.c
@@ -1826,7 +1826,7 @@ main(int argc, char *argv[]) {
if ((p = strrchr(progname, '/')) != NULL)
progname = p+1;
- umask(022);
+ umask(077);
/* People report that a mount called from init without console
writes error messages to /etc/mtab
diff --git a/mount/mount_mntent.c b/mount/mount_mntent.c
index e6e64bb..c19dcdd 100644
--- a/mount/mount_mntent.c
+++ b/mount/mount_mntent.c
@@ -96,7 +96,7 @@ unmangle(char *s) {
mntFILE *
my_setmntent (const char *file, char *mode) {
mntFILE *mfp = xmalloc(sizeof(*mfp));
- mode_t old_umask = umask(077);
+ mode_t old_umask = umask(033);
mfp->mntent_fp = fopen(file, mode);
umask(old_umask);
diff --git a/mount/umount.c b/mount/umount.c
index 65c8622..e6b858e 100644
--- a/mount/umount.c
+++ b/mount/umount.c
@@ -585,7 +585,7 @@ main (int argc, char *argv[]) {
if ((p = strrchr(progname, '/')) != NULL)
progname = p+1;
- umask(022);
+ umask(077);
while ((c = getopt_long (argc, argv, "adfhlnrit:O:vV",
longopts, NULL)) != -1)
--
Rgrds, legion
--
To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Site Home] [Netdev] [Ethernet Bridging] [Linux Wireless] [Kernel Newbies] [Memory] [Security] [Linux for Hams] [Netfilter] [Bugtraq] [Rubini] [Photo] [Yosemite] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux RAID] [Linux Admin] [Samba] [Video 4 Linux] [Linux Resources]