commit 2e9aeae4dbc7bd45640ac472ee6ecb7eaf89fe8d
author Wolfram Sang <w.sang@pengutronix.de> Mon Nov 15 02:58:28 2010 +0100
committer Denys Vlasenko <vda.linux@googlemail.com> Mon Nov 15 02:58:28 2010 +0100
tree 77d6991b64e7b67820f9524c7b0f8a856b904d23
parent 6696eac274b5dcf5932b211fe9ee748d8268a39c

lineedit: create history files with mode 0600

Signed-off-by: Wolfram Sang <w.sang@pengutronix.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

libbb/lineedit.c

diff --git a/libbb/lineedit.c b/libbb/lineedit.c
index 68006ff..d6c3354 100644
--- a/libbb/lineedit.c
+++ b/libbb/lineedit.c
@@ -1336,7 +1336,7 @@
 	int fd;
 	int len, len2;
 
-	fd = open(state->hist_file, O_WRONLY | O_CREAT | O_APPEND, 0666);
+	fd = open(state->hist_file, O_WRONLY | O_CREAT | O_APPEND, 0600);
 	if (fd < 0)
 		return;
 	xlseek(fd, 0, SEEK_END); /* paranoia */
@@ -1351,10 +1351,8 @@
 	/* did we write so much that history file needs trimming? */
 	state->cnt_history_in_file++;
 	if (state->cnt_history_in_file > MAX_HISTORY * 4) {
-		FILE *fp;
 		char *new_name;
 		line_input_t *st_temp;
-		int i;
 
 		/* we may have concurrently written entries from others.
 		 * load them */
@@ -1364,8 +1362,12 @@
 
 		/* write out temp file and replace hist_file atomically */
 		new_name = xasprintf("%s.%u.new", state->hist_file, (int) getpid());
-		fp = fopen_for_write(new_name);
-		if (fp) {
+		fd = open(state->hist_file, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+		if (fd >= 0) {
+			FILE *fp;
+			int i;
+
+			fp = xfdopen_for_write(fd);
 			for (i = 0; i < st_temp->cnt_history; i++)
 				fprintf(fp, "%s\n", st_temp->history[i]);
 			fclose(fp);