[RFC] libbb: lineedit: make shell history accessible for user only
Denys Vlasenko
vda.linux at googlemail.com
Mon Nov 15 01:59:16 UTC 2010
On Friday 12 November 2010 14:52, Wolfram Sang wrote:
> No group nor other shall have access to the shell history!
>
> Signed-off-by: Wolfram Sang <w.sang at pengutronix.de>
> ---
>
> A customer complained about it and I think he has a point.
>
> libbb/lineedit.c | 5 ++++-
> 1 files changed, 4 insertions(+), 1 deletions(-)
>
> diff --git a/libbb/lineedit.c b/libbb/lineedit.c
> index 68006ff..d912f42 100644
> --- a/libbb/lineedit.c
> +++ b/libbb/lineedit.c
> @@ -1336,7 +1336,7 @@ static void save_history(char *str)
> int fd;
> int len, len2;
>
> - fd = open(state->hist_file, O_WRONLY | O_CREAT | O_APPEND, 0666);
> + fd = open(state->hist_file, O_WRONLY | O_CREAT | O_APPEND, 0600);
> if (fd < 0)
> return;
> xlseek(fd, 0, SEEK_END); /* paranoia */
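Review bot: the 0600 mode passed to open() in save_history() only takes effect when O_CREAT actually creates the file, so a history file left over from an earlier run with the old 0666 mode keeps whatever group/other bits it already has. Consider adding fchmod(fd, 0600) after the fd < 0 check so that existing files are tightened as well.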
> @@ -1353,6 +1353,7 @@ static void save_history(char *str)
> if (state->cnt_history_in_file > MAX_HISTORY * 4) {
> FILE *fp;
> char *new_name;
> + mode_t old_mask;
> line_input_t *st_temp;
> int i;
>
> @@ -1364,7 +1365,9 @@ static void save_history(char *str)
>
> /* write out temp file and replace hist_file atomically */
> new_name = xasprintf("%s.%u.new", state->hist_file, (int) getpid());
> + old_mask = umask(S_IXUSR | S_IRWXG | S_IRWXO);
> fp = fopen_for_write(new_name);
> + umask(old_mask);
> if (fp) {
> for (i = 0; i < st_temp->cnt_history; i++)
> fprintf(fp, "%s\n", st_temp->history[i]);
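Review bot: the umask() save/restore around fopen_for_write(new_name) changes process-wide state to get what the first hunk gets from an explicit mode argument, and like that open() it does nothing if a file named new_name already exists. Since this temp file replaces hist_file, its mode is the one the history file ends up with, so it is worth making explicit: creating it with open(new_name, O_WRONLY | O_CREAT | O_TRUNC, 0600) and wrapping the descriptor with fdopen() would keep both paths consistent and remove the need for old_mask.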
Applied in a slightly different form, thanks!
--
vda