fix anthill bug #50: ensure /etc/ppp/pap-secrets is not world readable

since it contains password/user mapping for dialup
author: Thierry Vignaud <tvignaud@mandriva.org> 2003-10-30 12:29:36 +0000
committer: Thierry Vignaud <tvignaud@mandriva.org> 2003-10-30 12:29:36 +0000
commit: 3782c0363f779072e73c4440862cd1ca563027bb (patch)
tree: 14400eff86daed20807087fdaf945c568995b32a
parent: 3a11dabcbabc4012138cd21f9d2273037aae74ac (diff)
download: drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.gz
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.bz2
drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.xz
drakx-3782c0363f779072e73c4440862cd1ca563027bb.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/perl-install/network/tools.pm b/perl-install/network/tools.pm
index 993fe2c2a..59bd397ca 100644
--- a/perl-install/network/tools.pm
+++ b/perl-install/network/tools.pm
@@ -29,8 +29,10 @@ sub write_cnx_script {
 
 sub write_secret_backend {
     my ($a, $b) = @_;
-    foreach my $i ("pap-secrets", "chap-secrets") {
-	substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof  } "$prefix/etc/ppp/$i";
+    foreach my $i ("$prefix/etc/ppp/pap-secrets", "$prefix/etc/ppp/chap-secrets") {
+	substInFile { s/^'$a'.*\n//; $_ .= "\n'$a' * '$b' * \n" if eof  } $i;
+	#- restore access right to secrets file, just in case.
+	chmod 0600, $i;
     }
 }
author	Thierry Vignaud <tvignaud@mandriva.org>	2003-10-30 12:29:36 +0000
committer	Thierry Vignaud <tvignaud@mandriva.org>	2003-10-30 12:29:36 +0000
commit	3782c0363f779072e73c4440862cd1ca563027bb (patch)
tree	14400eff86daed20807087fdaf945c568995b32a
parent	3a11dabcbabc4012138cd21f9d2273037aae74ac (diff)
download	drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.gz drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.bz2 drakx-3782c0363f779072e73c4440862cd1ca563027bb.tar.xz drakx-3782c0363f779072e73c4440862cd1ca563027bb.zip