summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThierry Vignaud <tvignaud@mandriva.org>2003-10-30 12:29:36 +0000
committerThierry Vignaud <tvignaud@mandriva.org>2003-10-30 12:29:36 +0000
commit3782c0363f779072e73c4440862cd1ca563027bb (patch)
tree14400eff86daed20807087fdaf945c568995b32a
parent3a11dabcbabc4012138cd21f9d2273037aae74ac (diff)
downloaddrakx-3782c0363f779072e73c4440862cd1ca563027bb.tar
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.gz
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.bz2
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.xz
drakx-3782c0363f779072e73c4440862cd1ca563027bb.zip
fix anthill bug #50: ensure /etc/ppp/pap-secrets is not world readable
since it contains password/user mapping for dialup
-rw-r--r--perl-install/network/tools.pm6
1 files changed, 4 insertions, 2 deletions
diff --git a/perl-install/network/tools.pm b/perl-install/network/tools.pm
index 993fe2c2a..59bd397ca 100644
--- a/perl-install/network/tools.pm
+++ b/perl-install/network/tools.pm
@@ -29,8 +29,10 @@ sub write_cnx_script {
sub write_secret_backend {
my ($a, $b) = @_;
- foreach my $i ("pap-secrets", "chap-secrets") {
- substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof } "$prefix/etc/ppp/$i";
+ foreach my $i ("$prefix/etc/ppp/pap-secrets", "$prefix/etc/ppp/chap-secrets") {
+ substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof } $i;
+ #- restore access right to secrets file, just in case.
+ chmod 0600, $i;
}
}