diff options
author | Brett Grandbois <brett.grandbois@opengear.com> | 2018-05-03 16:02:04 +1000 |
---|---|---|
committer | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2018-05-04 10:26:59 +1000 |
commit | 17d9d54a46beab44db751b9bcf7f289b9bf101cf (patch) | |
tree | c5e5baac594e751807f02cd5f38f239a5769f2c4 | |
parent | fa44993a61fc7ca0f3f73233ebf761dabfd5a1fa (diff) | |
download | talos-petitboot-17d9d54a46beab44db751b9bcf7f289b9bf101cf.tar.gz talos-petitboot-17d9d54a46beab44db751b9bcf7f289b9bf101cf.zip |
lib/file: remove mkstemp umask in copy_file_secure_dest
mkstemp will generate the temp file with permissions 0600 so the
umask(0644) is causing the file to have permissions of 0000, making
signature files unreadable
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
-rw-r--r-- | lib/file/file.c | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/lib/file/file.c b/lib/file/file.c index 57a2519..b575d34 100644 --- a/lib/file/file.c +++ b/lib/file/file.c @@ -44,7 +44,6 @@ int copy_file_secure_dest(void *ctx, const char *source_file, unsigned char *buffer; ssize_t r; size_t l1; - mode_t oldmask; source_handle = fopen(source_file, "r"); if (!source_handle) { @@ -53,9 +52,7 @@ int copy_file_secure_dest(void *ctx, const char *source_file, return -1; } - oldmask = umask(0644); destination_fd = mkstemp(template); - umask(oldmask); if (destination_fd < 0) { pb_log("%s: unable to create temp file, %m\n", __func__); fclose(source_handle); |