Commit 9e3edd30 authored by Paul Eggert's avatar Paul Eggert
Browse files

* movemail.c: Don't grant more read permissions than necessary.

The old 0333 dates back to before we called setuid,
so it was needed back then to ensure user-readability,
but 0377 should suffice now.
parent f58afc72
......@@ -2,6 +2,10 @@
* movemail.c (main): Call umask on all systems.
This is OK since Emacs already assumes umask elsewhere.
Don't grant more read permissions than necessary.
The old 0333 dates back to before we called setuid,
so it was needed back then to ensure user-readability,
but 0377 should suffice now.
2013-02-08 Paul Eggert <eggert@cs.ucla.edu>
......
......@@ -380,9 +380,9 @@ main (int argc, char **argv)
if (indesc < 0)
pfatal_with_name (inname);
/* In case movemail is setuid to root, make sure the user can
read the output file. */
umask (umask (0) & 0333);
/* Make sure the user can read the output file. */
umask (umask (0) & 0377);
outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
if (outdesc < 0)
pfatal_with_name (outname);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment