From 974d151ef8587d5ba3b6442eec500fefb18b4a9c Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
 </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>
Date: Sat, 5 Jan 2008 17:21:28 +0000
Subject: fix logfiles permissions, do not default to umask

---
 src/log.c | 38 ++++++++++++++++++++++++++++++++------
 1 file changed, 32 insertions(+), 6 deletions(-)

(limited to 'src/log.c')

diff --git a/src/log.c b/src/log.c
index 3e3dd12..176bdcd 100644
--- a/src/log.c
+++ b/src/log.c
@@ -19,28 +19,54 @@
  */
 
 #include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 #include <time.h>
 #include <stdarg.h>
 #include <string.h>
+#include <errno.h>
 #include "buffer.h"
 #include "conntrackd.h"
 
 int init_log(void)
 {
 	if (CONFIG(logfile)[0]) {
-		STATE(log) = fopen(CONFIG(logfile), "a+");
+		int fd;
+		
+		fd = open(CONFIG(logfile), O_CREAT | O_RDWR, 0600);
+		if (fd == -1) {
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(logfile), 
+						strerror(errno));
+			return -1;
+		}
+
+		STATE(log) = fdopen(fd, "a+");
 		if (STATE(log) == NULL) {
-			fprintf(stderr, "can't open log file `%s'\n", 
-				CONFIG(logfile));
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(logfile), 
+						strerror(errno));
 			return -1;
 		}
 	}
 
 	if (CONFIG(stats).logfile[0]) {
-		STATE(stats_log) = fopen(CONFIG(stats).logfile, "a+");
+		int fd;
+		
+		fd = open(CONFIG(stats).logfile, O_CREAT | O_RDWR, 0600);
+		if (fd == -1) {
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(stats).logfile, 
+						strerror(errno));
+			return -1;
+		}
+
+		STATE(stats_log) = fdopen(fd, "a+");
 		if (STATE(stats_log) == NULL) {
-			fprintf(stderr, "can't open log file `%s'\n", 
-				CONFIG(stats).logfile);
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(stats).logfile, 
+						strerror(errno));
 			return -1;
 		}
 	}
-- 
cgit v1.2.3