Michael Richardson <[EMAIL PROTECTED]> writes:
> >>>>> "Torsten" == Torsten Landschoff <[EMAIL PROTECTED]> writes:
Torsten> What do you think? I wanted to attach a simple patch but
Torsten> since fopen is used for opening the file and since there
Torsten> is a windows port of libpcap it is not quite that
Torsten> easy. One could as well invoke umask in tcpdump's main if
Torsten> available.
> I suggest:
>
> #if UNIX
> if(getuid()==0 || geteuid()!=getuid()) { /* or some other appropriate
>variation*/
> umask(022);
> }
> #endif
I don't think it's ever appropriate to make a user's umask *more*
permissive without letting them override it. To just make it less
permissive, something like:
umask(umask(0777)|022);
would be better, taking their current umask and setting the user-write
and group-write bit if they aren't already set.
But I don't know why allowing users to write to packet dumps is
particularly more dangerous than allowing users to write to other
files...I think it's more important to prevent users from *reading*
them, since there's a good chance they contain passwords. That would
make a umask(077) more appropriate.
I think the fact that I think a umask of 077 is appropriate and
Michael thinks a umask of 022 is appropriate is enough to hint that
maybe we should just honor the user's umask after all.
------ScottG.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
