#! /bin/sh /usr/share/dpatch/dpatch-run
## 361913_world_readable_passwords.dpatch by Alec Berryman
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Don't create group- or world-accessible configuration files.
## DP: Also insure such configuration files don't continue to exist.
@DPATCH@
diff -urNad linphone-1.3.3~/coreapi/lpconfig.c linphone-1.3.3/coreapi/lpconfig.c
--- linphone-1.3.3~/coreapi/lpconfig.c 2006-03-24 09:37:42.000000000 +0000
+++ linphone-1.3.3/coreapi/lpconfig.c 2006-05-14 17:14:09.000000000 +0100
@@ -36,6 +36,9 @@
 #include
 #include
 #include
+#include
+#include
+#include
 #define lp_new0(type,n) (type*)calloc(sizeof(type),n)
@@ -216,6 +219,11 @@
 if (lpconfig->file!=NULL){
 lp_config_parse(lpconfig);
 fclose(lpconfig->file);
+ /* make existing configuration files non-group/world-accessible */
+ if (chmod(filename, S_IRUSR | S_IWUSR) == -1)
+ g_warning("unable to correct permissions on "
+ "configuration file: %s",
+ strerror(errno));
 lpconfig->file=NULL;
 }
 }
@@ -324,6 +332,8 @@
 int lp_config_sync(LpConfig *lpconfig){
 FILE *file;
 if (lpconfig->filename==NULL) return -1;
+ /* don't create group/world-accessible files */
+ (void) umask(S_IRWXG | S_IRWXO);
 file=fopen(lpconfig->filename,"w");
 if (file==NULL){
 g_warning("Could not write %s !",lpconfig->filename);
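Review bot: The `chmod(filename, ...)` added in the second hunk (`@@ -216,6 +219,11 @@`) acts on the path after `fclose()`, so it is not guaranteed to hit the file that was just parsed if the path is replaced in between, for example by a symlink. Changing the mode through the still-open stream avoids that: `if (fchmod(fileno(lpconfig->file), S_IRUSR | S_IWUSR) == -1)` placed before `fclose(lpconfig->file);`, ideally before `lp_config_parse()`. Tightening the mode does not undo earlier exposure, so a comment such as `/* credentials stored while the file was group/world-readable may already have been read */` would help the next maintainer. The enclosing function begins outside the hunk, so how `filename` and `lpconfig->file` are set is assumed from the visible lines.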
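Review bot: The `(void) umask(S_IRWXG | S_IRWXO);` added in `lp_config_sync` (third hunk) changes the umask of the whole process and never restores it, so every file the application creates afterwards is affected. It is also racy if other threads create files at the same time. The umask only governs creation: `fopen(..., "w")` on an existing file keeps that file's mode, so a config file that is still group/world-readable stays that way on this path unless the load-time `chmod` already corrected it. Creating the file with an explicit mode via `open()`/`fdopen()` and calling `fchmod()` on the descriptor covers both cases without touching global state; this needs `<fcntl.h>` and `<unistd.h>`, and whether an `fchmod()` failure should abort the write is a policy decision. The function's body continues past the end of the hunk.

```c
	FILE *file;
	int fd;
	if (lpconfig->filename==NULL) return -1;
	/* create owner-only without changing the process-wide umask */
	fd=open(lpconfig->filename,O_WRONLY|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR);
	file=NULL;
	if (fd!=-1){
		/* the mode argument is ignored for a pre-existing file, so tighten it too */
		if (fchmod(fd,S_IRUSR|S_IWUSR)==-1)
			g_warning("unable to correct permissions on "
				"configuration file: %s",
				strerror(errno));
		file=fdopen(fd,"w");
		if (file==NULL) close(fd);
	}
	if (file==NULL){
	/* … unchanged: existing "Could not write" warning and error return … */
```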