Wrong umask prevents temporary private key access

mekleo · web-flow · commit 8f8cea7d9834 · 2019-09-09T14:10:47.000+02:00
Hi,
umask 0600 prevents the user from reading his own temporary private key file.
0177 might be the intended mask.
Kind regards.
diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c
@@ -46,7 +46,7 @@ base64der_key_to_tmp_file(const char *in, int rsa)
         return NULL;
     }
 
-    umode = umask(0600);
+    umode = umask(0177);
     fd = mkstemp(path);
     umask(umode);
     if (fd == -1) {

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ base64der_key_to_tmp_file(const char *in, int rsa)`
`46`	`46`	`return NULL;`
`47`	`47`	`}`
`48`	`48`
`49`		`- umode = umask(0600);`
	`49`	`+ umode = umask(0177);`
`50`	`50`	`fd = mkstemp(path);`
`51`	`51`	`umask(umode);`
`52`	`52`	`if (fd == -1) {`