Blame SOURCES/0111-a-a-i-d-t-a-cache-sanitize-umask.patch

a60cd7
From 9a4100678fea4d60ec93d35f4c5de2e9ad054f3a Mon Sep 17 00:00:00 2001
a60cd7
From: Jakub Filak <jfilak@redhat.com>
a60cd7
Date: Wed, 29 Apr 2015 14:13:57 +0200
a60cd7
Subject: [ABRT PATCH] a-a-i-d-t-a-cache: sanitize umask
a60cd7
a60cd7
We cannot trust anything when running suided program.
a60cd7
a60cd7
Related: #1216962
a60cd7
a60cd7
Signed-off-by: Jakub Filak <jfilak@redhat.com>
a60cd7
---
a60cd7
 src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c | 3 +++
a60cd7
 1 file changed, 3 insertions(+)
a60cd7
a60cd7
diff --git a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
a60cd7
index eb2f7c5..cd9ee7a 100644
a60cd7
--- a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
a60cd7
+++ b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
a60cd7
@@ -182,6 +182,9 @@ int main(int argc, char **argv)
a60cd7
         if (u != 0)
a60cd7
             strcpy(path_env, "PATH=/usr/bin:/bin:"BIN_DIR);
a60cd7
         putenv(path_env);
a60cd7
+
a60cd7
+        /* Use safe umask */
a60cd7
+        umask(0022);
a60cd7
     }
a60cd7
 
a60cd7
     execvp(EXECUTABLE, (char **)args);
a60cd7
-- 
a60cd7
1.8.3.1
a60cd7