[PATCH master f14-branch] (take 2) Fix permissions of wepkey file to 0600 (#636099)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I forgot to fix stage 1 in take 1 of the patch.
As it may be security issue, and it is well isolated, I'd like
to pull it in F14 too. Tested to build, I think I'll be able to test
the functionality too (tomorrow).

---
 loader/net.c          |    7 ++++++-
 pyanaconda/network.py |    2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/loader/net.c b/loader/net.c
index 1f0c2a9..6992b3b 100644
--- a/loader/net.c
+++ b/loader/net.c
@@ -1521,13 +1521,18 @@ int writeEnabledNetInfo(iface_t *iface) {
 
         fprintf(fp, "KEY1=%s\n", iface->wepkey);
 
-
         if (fclose(fp) == EOF) {
             free(ofile);
             free(nfile);
             return 24;
         }
 
+        if (chmod(ofile, S_IRUSR | S_IWUSR) == -1) {
+            free(ofile);
+            free(nfile);
+            return 26;
+        }
+
         if (rename(ofile, nfile) == -1) {
             free(ofile);
             free(nfile);
diff --git a/pyanaconda/network.py b/pyanaconda/network.py
index 9c77c9d..9c16041 100644
--- a/pyanaconda/network.py
+++ b/pyanaconda/network.py
@@ -278,7 +278,7 @@ class NetworkDevice(IfcfgFile):
         os.write(fd, "KEY1=%s\n" % self.wepkey)
         os.close(fd)
 
-        os.chmod(newifcfg, 0644)
+        os.chmod(newifcfg, 0600)
         try:
             os.remove(keyfile)
         except OSError as e:
-- 
1.7.2

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list


[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux