- (bal) Avoid socket file security issues in ssh-agent for Cygwin.

   Patch by Egor Duda <deo@logos-m.ru>

2 files changed, 15 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 0b530a4c5..46729c616 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@
      [servconf.c]
      remove "\n" from fatal()
  - (bal) Updated Cygwin README by Corinna Vinschen <vinschen@redhat.com>
+ - (bal) Avoid socket file security issues in ssh-agent for Cygwin.
+   Patch by Egor Duda <deo@logos-m.ru>
 
 20010503
  - OpenBSD CVS Sync
@@ -5321,4 +5323,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1194 2001/05/03 22:45:21 mouring Exp $
+$Id: ChangeLog,v 1.1195 2001/05/03 22:59:24 mouring Exp $
diff --git a/ssh-agent.c b/ssh-agent.c
index e8362ded0..07dafaa57 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -714,6 +714,9 @@ main(int ac, char **av)
 #ifdef HAVE_SETRLIMIT
         struct rlimit rlim;
 #endif
+#ifdef HAVE_CYGWIN
+        int prev_mask;
+#endif
         pid_t pid;
         char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
         extern int optind;
@@ -805,10 +808,19 @@ main(int ac, char **av)
         memset(&sunaddr, 0, sizeof(sunaddr));
         sunaddr.sun_family = AF_UNIX;
         strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path));
+#ifdef HAVE_CYGWIN
+        prev_mask = umask(0177);
+#endif
         if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) {
                 perror("bind");
+#ifdef HAVE_CYGWIN
+                umask(prev_mask);
+#endif
                 cleanup_exit(1);
         }
+#ifdef HAVE_CYGWIN
+        umask(prev_mask);
+#endif
         if (listen(sock, 5) < 0) {
                 perror("listen");
                 cleanup_exit(1);