mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 14:25:15 +00:00
Code Issues Releases Wiki Activity

visudo: create temporary file as mod 0600 not 0700

Browse Source 
This was due to a typo in the mode field when the temporary file
was created.  Noticed by Bjorn Baron of the sudo-rs project.
This commit is contained in:
Todd C. Miller
2025-07-08 07:49:07 -06:00
parent cb4e267341
commit 1c254b3304
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/visudo.c
View File

@@ -499,7 +499,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
if (sp->tpath == NULL) {
if (asprintf(&sp->tpath, "%s.tmp", sp->dpath) == -1)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
tfd = open(sp->tpath, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU|S_IRUSR);
tfd = open(sp->tpath, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
if (tfd < 0)
sudo_fatal("%s", sp->tpath);