From 5afd8aedce004cc11700285c16ea84f1e857d473 Mon Sep 17 00:00:00 2001
From: David Dykstra <dwd@samba.org>
Date: Mon, 1 Mar 1999 21:22:54 +0000
Subject: Change the mask used when creating temporary files from 777 to 700,
 to prevent an obscure race-condition security hole where a file may for a
 short time have the wrong group.  Could have used 707 instead but that's just
 too weird of a permission.  The define name used to be ACCESSPERMS but that
 is defined as 777 on Linux, so changed the name to INITPERMMASK.

---
 rsync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'rsync.c')

diff --git a/rsync.c b/rsync.c
index 178dc523..1d62abc4 100644
--- a/rsync.c
+++ b/rsync.c
@@ -202,7 +202,7 @@ int set_perms(char *fname,struct file_struct *file,STRUCT_STAT *st,
 #ifdef HAVE_CHMOD
 	if (preserve_perms && !S_ISLNK(st->st_mode) &&
 	    (st->st_mode != file->mode || 
-	     (updated && (file->mode & ~ACCESSPERMS)))) {
+	     (updated && (file->mode & ~INITPERMMASK)))) {
 		updated = 1;
 		if (do_chmod(fname,file->mode) != 0) {
 			rprintf(FERROR,"failed to set permissions on %s : %s\n",
@@ -260,7 +260,7 @@ void finish_transfer(char *fname, char *fnametmp, struct file_struct *file)
 		if (errno == EXDEV) {
 			/* rename failed on cross-filesystem link.  
 			   Copy the file instead. */
-			if (copy_file(fnametmp,fname, file->mode & ACCESSPERMS)) {
+			if (copy_file(fnametmp,fname, file->mode & INITPERMMASK)) {
 				rprintf(FERROR,"copy %s -> %s : %s\n",
 					fnametmp,fname,strerror(errno));
 			} else {
-- 
cgit v1.2.1