Bug#796233: proftpd-basic: Aborting ftpasswd leaves passwd with world-readable permissions
Hilmar Preuße
hille42 at web.de
Fri Mar 3 20:37:46 UTC 2017
tag 796233 + fixed-upstream
# 1.3.6rc2
stop
On 20.08.2015 15:25, Fabian Schlager wrote:
Hi,
> When running ftpasswd (see [0] for the exact call), the script will
> change the permissions of the passwd file to 0644 before prompting for a
> password. Aborting it at the password prompt will cause the permissions
> to _NOT_ be changed back to 0440.
>
I notice the following code in ftpasswd from 1.3.6rc2:
# Install a SIGINT handler, for cases where Ctrl-C may be used to abort
# the prompt.
$SIG{INT} = sub {
# Restore the file permissions.
unless (chmod(0440, $output_file)) {
print STDERR "$program: unable to set permissions on
$output_file: $!";
}
# Restore the terminal echo behavior, too.
system "stty echo";
exit 1;
};
I guess this solves your problem, I tag that bug as fixed in upstream.
Hilmar
--
http://www.hilmar-preusse.de.vu/ #206401 http://counter.li.org
More information about the Pkg-proftpd-maintainers
mailing list