diff options
Diffstat (limited to 'auth-krb5.c')
-rw-r--r-- | auth-krb5.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index a728ebac1..a324ff15c 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -69,6 +69,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
69 | krb5_principal server; | 69 | krb5_principal server; |
70 | char ccname[40]; | 70 | char ccname[40]; |
71 | int tmpfd; | 71 | int tmpfd; |
72 | mode_t old_umask; | ||
72 | #endif | 73 | #endif |
73 | krb5_error_code problem; | 74 | krb5_error_code problem; |
74 | krb5_ccache ccache = NULL; | 75 | krb5_ccache ccache = NULL; |
@@ -147,7 +148,10 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
147 | 148 | ||
148 | snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); | 149 | snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); |
149 | 150 | ||
150 | if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { | 151 | old_umask = umask(0177); |
152 | tmpfd = mkstemp(ccname + strlen("FILE:")); | ||
153 | umask(old_umask); | ||
154 | if (tmpfd == -1) { | ||
151 | logit("mkstemp(): %.100s", strerror(errno)); | 155 | logit("mkstemp(): %.100s", strerror(errno)); |
152 | problem = errno; | 156 | problem = errno; |
153 | goto out; | 157 | goto out; |