pam_matrix: Call umask before mkstemp()

Without calling umask() we create and use insecure temporary files that
can leave application and system data vulnerable to attack. Unlikely in
a module created for testing, but better fix it.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

diff --git a/src/modules/pam_matrix.c b/src/modules/pam_matrix.c
index 89fdd56fcd35d1e6fff17d323a2bcf8e2af35e40..bf5c60ad68a8d58e28fede850f8140e10e176590 100644 (file)
--- a/src/modules/pam_matrix.c
+++ b/src/modules/pam_matrix.c
@@ -19,6 +19,8 @@
 #include "config.h"
 
 #include <sys/param.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 
 #include <pwd.h>
 #include <stdlib.h>
@@ -195,6 +197,7 @@ static int pam_matrix_lib_items_put(const char *db,
                                    struct pam_lib_items *pli)
 {
        int rv;
+       mode_t old_mask;
        FILE *fp = NULL;
        FILE *fp_tmp = NULL;
        char buf[BUFSIZ];
@@ -211,7 +214,9 @@ static int pam_matrix_lib_items_put(const char *db,
        }
 
        /* We don't support concurrent runs.. */
+       old_mask = umask(0);
        rv = mkstemp(template);
+       umask(old_mask);
        if (rv <= 0) {
                rv = PAM_BUF_ERR;
                goto done;