Overview

File fix_file_permissions.patch of Package ipmitool

Fix security hole -> wrong file permission

Reference:
https://bugzillafiles.novell.org/attachment.cgi?id=206754&t=hMTMCz2m9Q

Signed-off-by: Thomas Renninger <trenn@suse.de>
Signed-off-by: Wilken Gottwalt  <ajohansson@novell.com>


---
 lib/helper.c  |    1 -
 src/ipmievd.c |    3 +++
 2 files changed, 3 insertions(+), 1 deletion(-)

Index: ipmitool-1.8.11/lib/helper.c
===================================================================
--- ipmitool-1.8.11.orig/lib/helper.c
+++ ipmitool-1.8.11/lib/helper.c
@@ -427,7 +427,6 @@ ipmi_start_daemon(struct ipmi_intf *intf
 #endif
 
 	chdir("/");
-	umask(0);
 
 	for (fd=0; fd<64; fd++) {
 		if (fd != intf->fd)
Index: ipmitool-1.8.11/src/ipmievd.c
===================================================================
--- ipmitool-1.8.11.orig/src/ipmievd.c
+++ ipmitool-1.8.11/src/ipmievd.c
@@ -687,6 +687,7 @@ ipmievd_main(struct ipmi_event_intf * ei
 	int i, rc;
 	int daemon = 1;
 	struct sigaction act;
+	mode_t oldumask;
 
 	memset(pidfile, 0, 64);
 	sprintf(pidfile, "%s%d", DEFAULT_PIDFILE, eintf->intf->devnum);
@@ -744,7 +745,9 @@ ipmievd_main(struct ipmi_event_intf * ei
 			}
 		}
 
+		oldumask = umask(022);
 		fp = ipmi_open_file_write(pidfile);
+		umask(oldumask);
 		if (fp != NULL) {
 			fprintf(fp, "%d\n", (int)getpid());
 			fclose(fp);
openSUSE Build Service is sponsored by
Places