summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThierry Vignaud <tvignaud@mandriva.org>2003-10-30 12:30:22 +0000
committerThierry Vignaud <tvignaud@mandriva.org>2003-10-30 12:30:22 +0000
commit375fcd7fc379f0277d1e918224cd5b7692f849d5 (patch)
tree052bcb392a72d98c29cd561cdf9bb97fc0eca42d
parentecefc07571233fc0d474ceea79740704a6d30ba7 (diff)
downloaddrakx-375fcd7fc379f0277d1e918224cd5b7692f849d5.tar
drakx-375fcd7fc379f0277d1e918224cd5b7692f849d5.tar.gz
drakx-375fcd7fc379f0277d1e918224cd5b7692f849d5.tar.bz2
drakx-375fcd7fc379f0277d1e918224cd5b7692f849d5.tar.xz
drakx-375fcd7fc379f0277d1e918224cd5b7692f849d5.zip
fix anthill bug #50: ensure /etc/ppp/pap-secrets is not world readable
since it contains password/user mapping for dialup
-rw-r--r--perl-install/network/tools.pm6
1 files changed, 4 insertions, 2 deletions
diff --git a/perl-install/network/tools.pm b/perl-install/network/tools.pm
index 6f9a1ff52..c330ff948 100644
--- a/perl-install/network/tools.pm
+++ b/perl-install/network/tools.pm
@@ -29,8 +29,10 @@ sub write_cnx_script {
sub write_secret_backend {
my ($a, $b) = @_;
- foreach my $i ("pap-secrets", "chap-secrets") {
- substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof } "$prefix/etc/ppp/$i";
+ foreach my $i ("$prefix/etc/ppp/pap-secrets", "$prefix/etc/ppp/chap-secrets") {
+ substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof } $i;
+ #- restore access right to secrets file, just in case.
+ chmod 0600, $i;
}
}