Re: [hackers] [sbase] touch(1) permissions correction

From: Ali H. Fardan <raiz_AT_firemail.cc>
Date: Thu, 01 Sep 2016 20:31:57 +0300

[2016-09-01 19:28] [#suckless] <iamb> Raiz: 0666 is correct for touch,
it is bitwise-anded with umask. see open(2), or test with those other
utilities, or look at their code
[2016-09-01 19:30] [#suckless] <Raiz> looks like I'm the one introducing
bugs rather than fixing them

sorry for inconvenience.

On 2016-09-01 20:13, Ali H. Fardan wrote:
> from a security prespective, touch should not allow
> everyone to have write permissions to the file, if
> someones needs such a permission, chmod(1) can be
> used later.
> I have tried touch(1) from coreutils and OpenBSD,
> both set the default permissions to 644.
>
> Raiz
>
> diff --git a/touch.c b/touch.c
> index 6e63bf8..a849901 100644
> --- a/touch.c
> +++ b/touch.c
> _AT_@ -26,7 +26,7 @@ touch(const char *file)
> eprintf("utimensat %s:", file);
> if (cflag)
> return;
> - if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0666)) < 0)
> + if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0644)) < 0)
> eprintf("open %s:", file);
> ret = futimens(fd, times);
> close(fd);
Received on Thu Sep 01 2016 - 19:31:57 CEST