commit | b31878b3dd3feae452930ec44386041a2b249026 | [log] [tgz] |
---|---|---|
author | mekleo <36504477+mekleo@users.noreply.github.com> | Mon Sep 09 14:10:47 2019 +0200 |
committer | Michal Vasko <mvasko@cesnet.cz> | Mon Sep 09 16:03:12 2019 +0200 |
tree | 31de54d7887d8a266af8bc62e05c398e36cdbeba | |
parent | e1e8263c9b12d2db396c1bc43c46eb855a74d4e6 [diff] [blame] |
Wrong umask prevents temporary private key access Hi, umask 0600 prevents the user from reading his own temporary private key file. 0177 might be the intended mask. Kind regards.
diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c index a8707c4..a804160 100644 --- a/src/session_server_ssh.c +++ b/src/session_server_ssh.c
@@ -46,7 +46,7 @@ return NULL; } - umode = umask(0600); + umode = umask(0177); fd = mkstemp(path); umask(umode); if (fd == -1) {