artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c4fd84a) | patch
Avoid a race between fopen(3) and fchmod(2). Use umask(2) and
authorbluhm <bluhm@openbsd.org>
Thu, 15 Oct 2015 19:30:03 +0000 (19:30 +0000)
committerbluhm <bluhm@openbsd.org>
Thu, 15 Oct 2015 19:30:03 +0000 (19:30 +0000)
commitd2efe23825fe8bb84d6d754226a6134669f76c28
treebd5c8e6c64ee5b0ac5b5daa2e046890e2d4144e1tree | snapshot
parentc4fd84a59fe3c67238aa7e5487388c34dd086928commit | diff
Avoid a race between fopen(3) and fchmod(2).  Use umask(2) and
unlink(2) and fopen(3) to prevent an attacker to open an old file
with wrong permissions before the secret is written into it.  This
also guarantees that a new file with correct permissions is created.
Without fchmod(2) "fattr" can be removed from pledge.
with and OK deraadt@
usr.bin/x99token/x99token.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim