From 8a414978b39e784fdabf6895985acc0e054d235c Mon Sep 17 00:00:00 2001
From: Jouke Witteveen <j.witteveen@gmail.com>
Date: Mon, 21 Oct 2013 23:58:11 +0200
Subject: Set a global restrictive umask

Netctl files can potentially contain passwords or execute code as root.
---
 src/lib/globals | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/lib/globals')

diff --git a/src/lib/globals b/src/lib/globals
index 5926472..a2a281f 100644
--- a/src/lib/globals
+++ b/src/lib/globals
@@ -5,6 +5,8 @@ CONN_DIR="$SUBR_DIR/connections"
 STATE_DIR="/run/network"
 STATE_FILE="${NETCTL_STATE_FILE:-/var/lib/netctl/netctl.state}"
 
+umask 077
+
 
 ### Logging/Error reporting
 
-- 
cgit v1.2.3-24-g4f1b