diff --git a/src/bin/efreet/efreet_desktop_cache_create.c b/src/bin/efreet/efreet_desktop_cache_create.c index fe67da1fb4..2fc6e917d7 100644 --- a/src/bin/efreet/efreet_desktop_cache_create.c +++ b/src/bin/efreet/efreet_desktop_cache_create.c @@ -223,9 +223,9 @@ main(int argc, char **argv) int lockfd = -1, tmpfd; int changed = 0; int i; - char path_name[PATH_MAX] = { '\0' }; - Eina_Tmpstr *file = NULL; - Eina_Tmpstr *util_file = NULL; + char file[PATH_MAX] = { '\0' }; + char util_file[PATH_MAX] = { '\0' }; + mode_t um; if (!eina_init()) goto eina_error; _efreet_desktop_cache_log_dom = @@ -273,11 +273,11 @@ main(int argc, char **argv) if (!efreet_init()) goto efreet_error; /* create homedir */ - snprintf(path_name, sizeof(path_name), "%s/efreet", efreet_cache_home_get()); - if (!ecore_file_exists(path_name)) + snprintf(file, sizeof(file), "%s/efreet", efreet_cache_home_get()); + if (!ecore_file_exists(file)) { - if (!ecore_file_mkpath(path_name)) goto efreet_error; - efreet_setowner(path_name); + if (!ecore_file_mkpath(file)) goto efreet_error; + efreet_setowner(file); } /* lock process, so that we only run one copy of this program */ @@ -296,13 +296,21 @@ main(int argc, char **argv) } /* create cache */ - tmpfd = eina_file_mkstemp("efreet_desktop_cache_XXXXXX", &file); + snprintf(file, sizeof(file), "%s.XXXXXX", efreet_desktop_cache_file()); + /* set secure umask for temporary files */ + um = umask(0077); + tmpfd = mkstemp(file); + umask(um); if (tmpfd < 0) goto error; close(tmpfd); ef = eet_open(file, EET_FILE_MODE_READ_WRITE); if (!ef) goto error; - tmpfd = eina_file_mkstemp("efreet_desktop_util_cache_XXXXXX", &util_file); + snprintf(util_file, sizeof(util_file), "%s.XXXXXX", efreet_desktop_util_cache_file()); + /* set secure umask for temporary files */ + um = umask(0077); + tmpfd = mkstemp(util_file); + umask(um); if (tmpfd < 0) goto error; close(tmpfd); util_ef = eet_open(util_file, EET_FILE_MODE_READ_WRITE); @@ -442,8 +450,6 @@ main(int argc, char **argv) printf("%c\n", c); } - eina_tmpstr_del(file); - eina_tmpstr_del(util_file); EINA_LIST_FREE(systemdirs, dir) eina_stringshare_del(dir); eina_list_free(extra_dirs); @@ -455,8 +461,6 @@ main(int argc, char **argv) close(lockfd); return 0; error: - eina_tmpstr_del(file); - eina_tmpstr_del(util_file); IF_FREE(dir); edd_error: if (old_file_ids) diff --git a/src/bin/efreet/efreetd.c b/src/bin/efreet/efreetd.c index 414bb2cbf4..18fc500db1 100644 --- a/src/bin/efreet/efreetd.c +++ b/src/bin/efreet/efreetd.c @@ -26,22 +26,29 @@ quit(void) int main(int argc, char *argv[]) { + char path[PATH_MAX]; FILE *log; - int fd; + mode_t um; - if (!eina_init()) return 1; - - fd = eina_file_mkstemp("efreetd_XXXXXX", NULL); - if (fd < 0) + strcpy(path, "/tmp/efreetd_XXXXXX"); + um = umask(0077); + if (mkstemp(path) < 0) { - EINA_LOG_ERR("mkstemp"); - goto eina_error; + perror("mkstemp"); + umask(um); + return 1; + } + umask(um); + if (chmod(path, 0700) < 0) + { + perror("chmod"); + return 1; } - log = fdopen(fd, "wb"); - if (!log) - goto eina_error; + log = fopen(path, "wb"); + if (!log) return 1; + if (!eina_init()) return 1; eina_log_print_cb_set(eina_log_print_cb_file, log); efreetd_log_dom = eina_log_domain_register("efreetd", EFREETD_DEFAULT_LOG_COLOR); @@ -84,7 +91,6 @@ ecore_error: if (efreetd_log_dom >= 0) eina_log_domain_unregister(efreetd_log_dom); efreetd_log_dom = -1; -eina_error: eina_shutdown(); return 1; }