On Tue, 14 Feb 2006 16:46:21 +0100, Marc Haber <[EMAIL PROTECTED]> said:
>
> That sounds, however, reasonably easy fixable. I do not have too much
> clue, but would it be enough to do something like
> mode_t umask_save;
> umask_save=umask(077);
> fopen();
> umask(umask_save);
> for all fopen calls found in demime.c?
Yes, that is direct and I believe it would work. I think it isn't just
demime.c which needs fixing, though. Eg, in spool_mbox.c, line 59.
/* open [message_id].eml file for writing */
(void)string_format(mbox_path, 1024, "%s/scan/%s/%s.eml", spool_directory,
message_id, message_id);
mbox_file = Ufopen(mbox_path,"wb");
I think a wrapper which accepted a mode argument would be a better
overall solution. Some parts of the code would even be simplified
(such as daemon.c, which does fopen()/fchmod() on the PID file -- it
would even be made safer because there's a race condition in the code
currently there).
src/buildconfig.c:new = fopen("config.h", "wb");
src/daemon.c: f = Ufopen(pid_file_path, "wb");
src/demime.c: *f = fopen(CS file_name,"wb+");
src/malware.c: scanner_record = fopen(CS file_name,"wb");
src/mime.c: f = fopen(CS filename,"wb+");
src/mime.c: f = fopen(CS fname,"wb+");
src/mime.c: f = fopen(CS filename,"wb+");
src/pcre/dftables.c:f = fopen(argv[1], "wb");
src/pcre/pcretest.c: outfile = fopen(argv[op+1], "wb");
src/pcre/pcretest.c: FILE *f = fopen((char *)to_file, "wb");
src/spool_mbox.c: mbox_file = Ufopen(mbox_path,"wb");
--
Roderick Schertler
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
