[5881] in Moira
Re: [PATCH] Create the moira logfile with umask 077
daemon@ATHENA.MIT.EDU (Garry P Zacheiss)
Mon Nov 29 15:21:02 2010
From: Garry P Zacheiss <zacheiss@MIT.EDU>
To: Geoffrey G Thomas <geofft@mit.edu>
CC: "moiradev@mit.edu" <moiradev@mit.edu>
Date: Mon, 29 Nov 2010 15:20:35 -0500
Message-ID: <E1B386B0-A2E6-40B8-B693-B42F2F7079A7@exchange.mit.edu>
In-Reply-To: <alpine.DEB.1.10.1011272050390.15830@dr-wily.mit.edu>

Sure, sold.

Garry

On Nov 27, 2010, at 10:14 PM, Geoffrey Thomas wrote:
> When you "toggle logging on" in the Moira command, the logfile in /var/tmp
> should not be created world-readable, as it will almost certainly include
> private information.
>
> This may have been less important in the past when the default Athena
> umask was 077 instead of 022 (but users could still override that).
>
> Index: clients/moira/menu.c
> ===================================================================
> --- clients/moira/menu.c (revision 4023)
> +++ clients/moira/menu.c (working copy)
> @@ -802,13 +802,16 @@
> int toggle_logging(int argc, char *argv[])
> {
> char buf[BUFSIZ];
> + mode_t oldmask;
>
> if (!log_file)
> {
> sprintf(buf, "%s/%s-log.%d", get_tmp_dir(), whoami, getpid());
>
> /* open the file */
> + oldmask = umask(077);
> log_file = fopen(buf, "a");
> + umask(oldmask);
>
> if (!log_file)
> Put_message("Open of log file failed. Logging is not on.");
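
Review bot: the umask(077) placed around fopen(buf, "a") only restricts the mode when this call actually creates the file, and the path is predictable (get_tmp_dir(), whoami and getpid()) in a shared directory. If a file or symlink with that name already exists, fopen in append mode opens it with whatever owner and permissions it already has, so the log can still end up readable by others or written somewhere unintended. Consider replacing the fopen with open(buf, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0600) followed by fdopen(fd, "a"), which makes the mode explicit, fails if the name is already taken, and removes the need to change and restore the process umask. If the umask approach stays, menu.c needs <sys/types.h> and <sys/stat.h> for mode_t and umask(); this hunk is the first change to the file, so no include is being added, and it is worth confirming they are already present.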