[gnome-software/uajain/umask] external-appstream: Set the umask for gs-install-appstream subprocess

From: Umang Jain <uajain src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-software/uajain/umask] external-appstream: Set the umask for gs-install-appstream subprocess
Date: Thu, 3 Oct 2019 18:30:14 +0000 (UTC)

commit 73d40eee9b40dac01eee0ed5af37fd0abc90a666
Author: Umang Jain <umang endlessm com>
Date:   Thu Oct 3 19:47:13 2019 +0530

    external-appstream: Set the umask for gs-install-appstream subprocess
    
    external-appstream is a root-owned file. Make sure that the file
    doesn't end up with world-writable permission while doing the
    copy.

 plugins/external-appstream/gs-install-appstream.c | 4 ++++
 1 file changed, 4 insertions(+)
---
diff --git a/plugins/external-appstream/gs-install-appstream.c 
b/plugins/external-appstream/gs-install-appstream.c
index 7f5eb92d..560e528c 100644
--- a/plugins/external-appstream/gs-install-appstream.c
+++ b/plugins/external-appstream/gs-install-appstream.c
@@ -23,6 +23,7 @@
 
 #include <locale.h>
 #include <stdlib.h>
+#include <sys/stat.h>
 
 #include <xmlb.h>
 #include <glib/gi18n.h>
@@ -163,6 +164,9 @@ main (int argc, char *argv[])
                return EXIT_FAILURE;
        }
 
+       /* Set the umask to ensure it is read-only to all users except root. */
+       umask (022);
+
        /* do the copy */
        if (!gs_install_appstream_copy_file (file, &error)) {
                /* TRANSLATORS: error details */

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]