I forgot to fix stage 1 in take 1 of the patch.
As it may be security issue, and it is well isolated, I'd like
to pull it in F14 too. Tested to build, I think I'll be able to test
the functionality too (tomorrow).
---
loader/net.c | 7 ++++++-
pyanaconda/network.py | 2 +-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/loader/net.c b/loader/net.c
index 1f0c2a9..6992b3b 100644
--- a/loader/net.c
+++ b/loader/net.c
@@ -1521,13 +1521,18 @@ int writeEnabledNetInfo(iface_t *iface) {
fprintf(fp, "KEY1=%s\n", iface->wepkey);
-
if (fclose(fp) == EOF) {
free(ofile);
free(nfile);
return 24;
}
+ if (chmod(ofile, S_IRUSR | S_IWUSR) == -1) {
+ free(ofile);
+ free(nfile);
+ return 26;
+ }
+
if (rename(ofile, nfile) == -1) {
free(ofile);
free(nfile);
diff --git a/pyanaconda/network.py b/pyanaconda/network.py
index 9c77c9d..9c16041 100644
--- a/pyanaconda/network.py
+++ b/pyanaconda/network.py
@@ -278,7 +278,7 @@ class NetworkDevice(IfcfgFile):
os.write(fd, "KEY1=%s\n" % self.wepkey)
os.close(fd)
- os.chmod(newifcfg, 0644)
+ os.chmod(newifcfg, 0600)
try:
os.remove(keyfile)
except OSError as e:
--
1.7.2
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
