diff options
| author | David Dykstra <dwd@samba.org> | 1999-03-01 21:22:54 +0000 |
|---|---|---|
| committer | David Dykstra <dwd@samba.org> | 1999-03-01 21:22:54 +0000 |
| commit | 5afd8aedce004cc11700285c16ea84f1e857d473 (patch) | |
| tree | df5f66754bd4510b3a194f1b007e8214f437d185 /rsync.c | |
| parent | 86692050b54b16e5b289ddeacbb59f890455cca7 (diff) | |
| download | rsync-5afd8aedce004cc11700285c16ea84f1e857d473.tar.gz | |
Change the mask used when creating temporary files from 777 to 700, to prevent
an obscure race-condition security hole where a file may for a short time
have the wrong group. Could have used 707 instead but that's just too weird
of a permission. The define name used to be ACCESSPERMS but that is defined
as 777 on Linux, so changed the name to INITPERMMASK.
Diffstat (limited to 'rsync.c')
| -rw-r--r-- | rsync.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -202,7 +202,7 @@ int set_perms(char *fname,struct file_struct *file,STRUCT_STAT *st, #ifdef HAVE_CHMOD if (preserve_perms && !S_ISLNK(st->st_mode) && (st->st_mode != file->mode || - (updated && (file->mode & ~ACCESSPERMS)))) { + (updated && (file->mode & ~INITPERMMASK)))) { updated = 1; if (do_chmod(fname,file->mode) != 0) { rprintf(FERROR,"failed to set permissions on %s : %s\n", @@ -260,7 +260,7 @@ void finish_transfer(char *fname, char *fnametmp, struct file_struct *file) if (errno == EXDEV) { /* rename failed on cross-filesystem link. Copy the file instead. */ - if (copy_file(fnametmp,fname, file->mode & ACCESSPERMS)) { + if (copy_file(fnametmp,fname, file->mode & INITPERMMASK)) { rprintf(FERROR,"copy %s -> %s : %s\n", fnametmp,fname,strerror(errno)); } else { |