From: Remi Gacogne Date: Tue, 1 Aug 2023 11:56:03 +0000 (+0200) Subject: pdnsutil: Set a proper umask before writing the temporary zone file X-Git-Tag: rec-5.0.0-alpha1~77^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ca478cf8195bf996f7c9389caa9ae4e25fc0177c;p=thirdparty%2Fpdns.git pdnsutil: Set a proper umask before writing the temporary zone file This does not matter on Linux where mkstemp ensures that "the file is created with permissions 0600 that is, read plus write for owner only" but it might on other systems as POSIX does not require mkstemp to do so. Reported by Coverity as CID 1501165.
---
diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc
index 54d02d35bb..bdf0d3347b 100644
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #include //termios, TCSANOW, ECHO, ICANON
 #include "opensslsigners.hh"
 #ifdef HAVE_LIBSODIUM
@@ -1171,6 +1172,13 @@ static int editZone(const DNSName &zone, const PDNSColors& col) {
 cerr << "Zone '" << zone << "' not found!" << endl;
 return EXIT_FAILURE;
 }
+
+ /* ensure that the temporary file will only
+ be accessible by the current user, not even
+ by other users in the same group, and certainly
+ not by other users.
+ */
+ umask(S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
 vector pre, post;
 char tmpnam[]="/tmp/pdnsutil-XXXXXX";
 int tmpfd=mkstemp(tmpnam);
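Review bot: The added `umask(S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);` in the second hunk discards its return value, so the previous mask is never restored and the new one stays in force for the rest of the process. Because `umask()` replaces the mask rather than adding to it, a caller that started with a stricter mask such as 077 ends up with 066, which no longer masks the group/other execute bits for anything created later. Capturing and restoring the old value around the `mkstemp` call keeps the change scoped to the temporary file: `const mode_t oldMask = umask(S_IRWXG | S_IRWXO);` before `mkstemp(tmpnam)` and `umask(oldMask);` right after it. The rest of `editZone` lies outside the hunk, so whether later code relies on the tightened mask (for example for a spawned editor) should be confirmed before restoring it.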