Fix the issue that Deploypkg log files of linux should not be world readable.

author Oliver Kurth <okurth@vmware.com>

Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)

committer Oliver Kurth <okurth@vmware.com>

Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)
author Oliver Kurth <okurth@vmware.com>
Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)
committer Oliver Kurth <okurth@vmware.com>
Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)
diff --git a/open-vm-tools/services/plugins/deployPkg/deployPkgLog.c b/open-vm-tools/services/plugins/deployPkg/deployPkgLog.c

index b0990e6c2ef3abf7ee466836415f35f40b6bfe0b..2eabd702e24ea2d4b4f56b2ddeb205a2f4e5d7ca 100644 (file)
--- a/open-vm-tools/services/plugins/deployPkg/deployPkgLog.c
+++ b/open-vm-tools/services/plugins/deployPkg/deployPkgLog.c
@@ -30,6 +30,7 @@
  #include "vmware/tools/utils.h"
  
  #include <stdio.h>
+#include <sys/stat.h>
  
  #ifdef _WIN32
  #include <windows.h>
@@ -43,8 +44,9 @@ static FILE* _file = NULL;
   *
   * DeployPkgLog_Open --
   *
- *    Init the log. Creates a file in %temp%/vmware and 
- *    opens it for writing. On error, the file will not be opened and logging
+ *    Init the log. Creates a file in %temp%/vmware and
+ *    opens it for writing. On linux, only root own r/w right.
+ *    On error, the file will not be opened and logging
   *    will be disabled.
   *
   * Results:
@@ -67,7 +69,7 @@ DeployPkgLog_Open()
     if (ret == 0) {
        return;
     }
-   
+
     Str_Strcat(logPath, "vmware-imc", sizeof logPath);
  #else
     Str_Strcpy(logPath, "/var/log/vmware-imc", sizeof logPath);
@@ -79,6 +81,7 @@ DeployPkgLog_Open()
        if (_file != NULL) {
  #ifndef _WIN32
           setlinebuf(_file);
+         (void) chmod(logPath, 0600);
  #endif
           DeployPkgLog_Log(log_debug, "## Starting deploy pkg operation");
        }
author	Oliver Kurth <okurth@vmware.com>
	Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)
committer	Oliver Kurth <okurth@vmware.com>
	Tue, 18 Dec 2018 21:19:47 +0000 (13:19 -0800)