rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-26 21:54:15 +01:00
Code Issues Projects Releases Wiki Activity

Avoid potentially following a symlink with open()

Browse Source
This commit is contained in:
Gabriel Kihlman 2019-05-15 12:50:05 +02:00
parent bec4e43732
commit 9d24c966c3
No known key found for this signature in database
GPG Key ID: C59A56181B3BF1F7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ykpamcfg.c
View File

@ -250,7 +250,7 @@ do_add_hmac_chalresp(YK_KEY *yk, uint8_t slot, bool verbose, char *output_dir, u
umask(077); umask(077);
fd = open (fn, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); fd = open (fn, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC | O_NOFOLLOW | O_NOCTTY, S_IRUSR | S_IWUSR);
if (fd < 0) { if (fd < 0) {
fprintf (stderr, "Failed to open '%s' for writing: %s\n", fn, strerror (errno)); fprintf (stderr, "Failed to open '%s' for writing: %s\n", fn, strerror (errno));
goto out; goto out;