summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/krb5_wrap/krb5_samba.c4
-rw-r--r--lib/util/util.c3
2 files changed, 7 insertions, 0 deletions
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 0876ab6284..3a2401a9ad 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -21,6 +21,7 @@
*/
#include "includes.h"
+#include "system/filesys.h"
#include "krb5_samba.h"
#include "lib/util/asn1.h"
@@ -1483,6 +1484,7 @@ krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
{
krb5_error_code code = 0;
krb5_creds my_creds;
+ mode_t mask;
#if defined(HAVE_KRB5_GET_INIT_CREDS_KEYBLOCK)
code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal,
@@ -1500,7 +1502,9 @@ krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
*(KRB5_KT_KEY(&entry)) = *keyblock;
memcpy(tmp_name, SMB_CREDS_KEYTAB, sizeof(SMB_CREDS_KEYTAB));
+ mask = umask(S_IRWXO | S_IRWXG);
mktemp(tmp_name);
+ umask(mask);
if (tmp_name[0] == 0) {
return KRB5_KT_BADNAME;
}
diff --git a/lib/util/util.c b/lib/util/util.c
index d49e20e6cd..464fc62e1f 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -63,6 +63,7 @@ int create_unlink_tmp(const char *dir)
{
char *fname;
int fd;
+ mode_t mask;
if (!dir) {
dir = tmpdir();
@@ -73,7 +74,9 @@ int create_unlink_tmp(const char *dir)
errno = ENOMEM;
return -1;
}
+ mask = umask(S_IRWXO | S_IRWXG);
fd = mkstemp(fname);
+ umask(mask);
if (fd == -1) {
TALLOC_FREE(fname);
return -1;
generated by cgit (git 2.34.1) at 2024-11-23 04:18:57 +0000