rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-20 21:54:16 +01:00
Code Issues Projects Releases Wiki Activity

replace fopen with open+fdopen to set more restrictive bits

Browse Source
This commit is contained in:
Klas Lindfors 2012-06-08 10:45:59 +02:00
parent dfd1d3f769
commit 41c576e0cf
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pam_yubico.c
View File

@ -605,9 +605,17 @@ do_challenge_response(pam_handle_t *pamh, struct cfg *cfg, const char *username)
strcpy(tmpfile, userfile);
strcat(tmpfile, ".tmp");
f = fopen(tmpfile, "w");
if (! f)
fd = open(tmpfile, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
if (fd < 0) {
DBG (("Cannot open file: %s (%s)", tmpfile, strerror(errno)));
goto out;
}
f = fdopen(fd, "w");
if (! f) {
close(fd);
goto out;
}
errstr = "Error updating Yubikey challenge, please check syslog or contact your system administrator";
if (! write_chalresp_state (f, &state))