summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouke Witteveen <j.witteveen@gmail.com>2013-10-21 23:58:11 +0200
committerJouke Witteveen <j.witteveen@gmail.com>2013-10-23 01:43:26 +0200
commit8a414978b39e784fdabf6895985acc0e054d235c (patch)
treed5cb11c028e4e1952adf438e8f72cb71aed77c52
parent755c8d5afdaca08ca1732765f30370f752259d4b (diff)
downloadnetctl-8a414978b39e784fdabf6895985acc0e054d235c.tar.gz
netctl-8a414978b39e784fdabf6895985acc0e054d235c.tar.xz
Set a global restrictive umask
Netctl files can potentially contain passwords or execute code as root.
-rw-r--r--src/lib/globals2
-rw-r--r--src/lib/wpa1
2 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/globals b/src/lib/globals
index 5926472..a2a281f 100644
--- a/src/lib/globals
+++ b/src/lib/globals
@@ -5,6 +5,8 @@ CONN_DIR="$SUBR_DIR/connections"
STATE_DIR="/run/network"
STATE_FILE="${NETCTL_STATE_FILE:-/var/lib/netctl/netctl.state}"
+umask 077
+
### Logging/Error reporting
diff --git a/src/lib/wpa b/src/lib/wpa
index dea95d5..6f21c0f 100644
--- a/src/lib/wpa
+++ b/src/lib/wpa
@@ -198,7 +198,6 @@ wpa_make_config_file() {
report_debug "Could not create the configuration file '$config_file'"
return 1
fi
- chmod 600 "$config_file"
echo "ctrl_interface=/run/wpa_supplicant" >> "$config_file"
echo "ctrl_interface_group=${WPAGroup:-wheel}" >> "$config_file"