Matt McCutchen's Web Site / rsync / rsync.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Change the mask used when creating temporary files from 777 to 700, to prevent
[rsync/rsync.git] / rsync.h
diff --git a/rsync.h b/rsync.h
index 92ba256..92823bb 100644 (file)
--- a/rsync.h
+++ b/rsync.h
@@ -462,9 +462,10 @@ extern int errno;
 
 #define IS_DEVICE(mode) (S_ISCHR(mode) || S_ISBLK(mode) || S_ISSOCK(mode) || S_ISFIFO(mode))
 
-#ifndef ACCESSPERMS
-#define ACCESSPERMS 0777
-#endif
+/* Initial mask on permissions given to temporary files.  Mask off setuid
+     bits and group access because of potential race-condition security
+     holes, and mask other access because mode 707 is bizarre */
+#define INITPERMMASK 0700
 
 /* handler for null strings in printf format */
 #define NS(s) ((s)?(s):"<NULL>")
Matt McCutchen's repository for rsync, the fast and versatile remote file copier