diff options
| author |   millert <millert@openbsd.org> | 2000-12-15 04:01:39 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 2000-12-15 04:01:39 +0000 |
| commit | aa51ee4336396e7a72b1720b8ac887115996b8a0 (patch) | |
| tree | 71880a2eeea688ce76e51ce97ea7c0c6b7e9d22e | |
| parent | openssl-engine 0.9.6 merge (diff) | |
| download | wireguard-openbsd-aa51ee4336396e7a72b1720b8ac887115996b8a0.tar.xz wireguard-openbsd-aa51ee4336396e7a72b1720b8ac887115996b8a0.zip | |
When opening /etc/sudoers for writing, use SUDOERS_MODE for the mode.
Otherwise if the user creates a new sudoers file, makes a syntax error,
and quits, sudoers will have a random file mode. However, since it
is also zero-length, there is no information exposed. Closes PR 1559.
| -rw-r--r-- | usr.bin/sudo/visudo.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/sudo/visudo.c b/usr.bin/sudo/visudo.c index 70f763c1467..22ff892e3cd 100644 --- a/usr.bin/sudo/visudo.c +++ b/usr.bin/sudo/visudo.c @@ -166,7 +166,7 @@ main(argc, argv) * Open sudoers, lock it and stat it. * sudoers_fd must remain open throughout in order to hold the lock. */ - sudoers_fd = open(sudoers, O_RDWR | O_CREAT); + sudoers_fd = open(sudoers, O_RDWR | O_CREAT, SUDOERS_MODE); if (sudoers_fd == -1) { (void) fprintf(stderr, "%s: %s: %s\n", Argv[0], sudoers, strerror(errno)); |