use umask() to set up file permissions

author: /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> 2008-01-15 15:50:53 +0000
committer: /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> 2008-01-15 15:50:53 +0000
commit: 192004bf643733b63ea0a364ff8dde47cf368144 (patch)
tree: 33aa8244cfad78a587158403745371081ce70f0c /src/main.c
parent: 5b4129a89e9fa3ea3b5d57fc362f682aa85abfc7 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/src/main.c b/src/main.c
index 11974ff..a4ee307 100644
--- a/src/main.c
+++ b/src/main.c
@@ -239,6 +239,8 @@ int main(int argc, char *argv[])
 	if (config_set == 0)
 		strcpy(config_file, DEFAULT_CONFIGFILE);
 
+	umask(0177);
+
 	if ((ret = init_config(config_file)) == -1) {
 		fprintf(stderr, "can't open config file `%s'\n", config_file);
 		exit(EXIT_FAILURE);
@@ -262,7 +264,8 @@ int main(int argc, char *argv[])
 	/*
 	 * lock file
 	 */
-	if ((ret = open(CONFIG(lockfile), O_CREAT | O_EXCL | O_TRUNC)) == -1) {
+	ret = open(CONFIG(lockfile), O_CREAT | O_EXCL | O_TRUNC, 0600);
+	if (ret == -1) {
 		fprintf(stderr, "lockfile `%s' exists, perhaps conntrackd "
 			        "already running?\n", CONFIG(lockfile));
 		exit(EXIT_FAILURE);
author	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>	2008-01-15 15:50:53 +0000
committer	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>	2008-01-15 15:50:53 +0000
commit	192004bf643733b63ea0a364ff8dde47cf368144 (patch)
tree	33aa8244cfad78a587158403745371081ce70f0c /src/main.c
parent	5b4129a89e9fa3ea3b5d57fc362f682aa85abfc7 (diff)