From 788e82b56a4bdd1758e9887788b8fb818c9850a3 Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@boum.org>
Date: Wed, 25 Jun 2008 09:54:45 +0000
Subject: [PATCH] dup: set secure permissions on tmpdir when creating it

---
 ChangeLog       | 4 ++--
 handlers/dup.in | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 73a38f1a..e1a88f42 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,8 +21,8 @@ version 0.9.6 -- unreleased
 	   new syntax.
 	 . Support every duplicity-supported transport with new configuration
 	   option desturl (Closes: #483712, #346040, Trac#2).
-	 .
-	Actually allow to backup only VServers, by relaxing $include test.
+	 . Actually allow to backup only VServers, by relaxing $include test.
+	 . Set secure permissions on tmpdir when creating it.
 	ldap:
 	 . support HDB backend just as the BDB one, and make message clearer
 	   when no supported backend is found (Closes: #476910)
diff --git a/handlers/dup.in b/handlers/dup.in
index 2854974d..89db671a 100644
--- a/handlers/dup.in
+++ b/handlers/dup.in
@@ -166,6 +166,7 @@ if [ -n "$tmpdir" ]; then
       info "Temporary directory ($tmpdir) does not exist, creating it."
       mkdir -p "$tmpdir"
       [ $? -eq 0 ] || fatal "Could not create temporary directory ($tmpdir)."
+      chmod 0700 "$tmpdir"
    fi
    info "Using $tmpdir as TMPDIR"
    precmd="${precmd}TMPDIR=$tmpdir "
-- 
GitLab