Bug#292625: directory-administrator: profile permissions patch

Daniel van Eeden Fri, 28 Jan 2005 05:48:14 -0800

Package: directory-administrator
Version: profile permissions patch
Severity: normal



Security patch for the profile permissions, not critical.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages directory-administrator depends on:
ii  gdk-imlib1               1.9.14-16.2     imaging library for use with gtk (
ii  libart2                  1.4.2-19        The GNOME canvas widget - runtime 
ii  libaudiofile0            0.2.6-5         Open-source version of SGI's audio
ii  libc6                    2.3.2.ds1-20    GNU C Library: Shared libraries an
ii  libdb3                   3.2.9-20        Berkeley v3 Database Libraries [ru
ii  libesd0                  0.2.35-2        Enlightened Sound Daemon - Shared 
ii  libglib1.2               1.2.10-9        The GLib library of C routines
ii  libgnome32               1.4.2-19        The GNOME libraries
ii  libgnomesupport0         1.4.2-19        The GNOME libraries (Support libra
ii  libgnomeui32             1.4.2-19        The GNOME libraries (User Interfac
ii  libgtk1.2                1.2.10-17       The GIMP Toolkit set of widgets fo
ii  libice6                  4.3.0.dfsg.1-10 Inter-Client Exchange library
ii  libldap2                 2.1.30-3        OpenLDAP libraries
ii  libsm6                   4.3.0.dfsg.1-10 X Window System Session Management
ii  libssl0.9.7              0.9.7e-3        SSL shared libraries
ii  libx11-6                 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6                 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  libxi6                   4.3.0.dfsg.1-10 X Window System Input extension li
ii  xlibs                    4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu

--- directory_administrator-1.5.1.orig/src/prefs.c	2004-05-17 11:51:39.000000000 +0200
+++ directory_administrator-1.5.1/src/prefs.c	2004-05-17 15:20:06.000000000 +0200
@@ -190,7 +190,7 @@
   struct stat *statbuf = NULL;
   gchar *homedir = NULL;
   gchar *cfgfile = NULL;
-
+  mode_t mask;
   GList *loopix = NULL;
 
   homedir = g_get_home_dir ();
@@ -216,6 +216,7 @@
   //now saving profile list
   cfgfile = g_strconcat (homedir, "/.directory_administrator/profiles", NULL);
   loopix = g_list_first (connection_profile_list);
+  mask = umask(077);
   fd = fopen (cfgfile, "w");
   if (fd)
     {
@@ -256,7 +257,7 @@
       fclose (fd);
     }
   g_free (cfgfile);
-
+  umask(mask);
 
   /*now saving password crypt type */
   gnome_config_set_int ("/directoryadmin/settings/passwordcrypttype",

Bug#292625: directory-administrator: profile permissions patch

Reply via email to