diff options
Diffstat (limited to 'src/providers/krb5')
-rw-r--r-- | src/providers/krb5/krb5_child.c | 3 | ||||
-rw-r--r-- | src/providers/krb5/krb5_common.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 01690cf4..297e3a76 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -230,6 +230,7 @@ static krb5_error_code create_ccache_file(krb5_context ctx, char *tmp_ccname; krb5_creds *l_cred; TALLOC_CTX *tmp_ctx = NULL; + mode_t old_umask; if (strncmp(ccname, "FILE:", 5) == 0) { cc_file_name = ccname + 5; @@ -258,7 +259,9 @@ static krb5_error_code create_ccache_file(krb5_context ctx, } tmp_ccname = talloc_asprintf_append(tmp_ccname, "/.krb5cc_dummy_XXXXXX"); + old_umask = umask(077); fd = mkstemp(tmp_ccname); + umask(old_umask); if (fd == -1) { DEBUG(1, ("mkstemp failed [%d][%s].\n", errno, strerror(errno))); kerr = errno; diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index a065727a..c2cb94b6 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -290,6 +290,7 @@ errno_t write_krb5info_file(const char *realm, const char *server, const char *name_tmpl = NULL; int server_len; ssize_t written; + mode_t old_umask; if (realm == NULL || *realm == '\0' || server == NULL || *server == '\0' || service == NULL || service == '\0') { @@ -328,7 +329,9 @@ errno_t write_krb5info_file(const char *realm, const char *server, goto done; } + old_umask = umask(077); fd = mkstemp(tmp_name); + umask(old_umask); if (fd == -1) { ret = errno; DEBUG(1, ("mkstemp failed [%d][%s].\n", ret, strerror(ret))); |