From a2d73e8bf2ec754f98daeba0f1450cdc75f421f9 Mon Sep 17 00:00:00 2001
From: Steve Bennett <steveb@workware.net.au>
Date: Wed, 7 Sep 2016 13:59:05 +1000
Subject: jim-intereactive: reduce permissions on saved history file

When creating ~/.jim_history, set permissions to 0600 for security

Signed-off-by: Steve Bennett <steveb@workware.net.au>
---
 jim-interactive.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'jim-interactive.c')

diff --git a/jim-interactive.c b/jim-interactive.c
index 78f5470..1d16ce0 100644
--- a/jim-interactive.c
+++ b/jim-interactive.c
@@ -7,6 +7,7 @@
 #ifdef USE_LINENOISE
 #ifdef HAVE_UNISTD_H
     #include <unistd.h>
+    #include <sys/stat.h>
 #endif
 #include "linenoise.h"
 #else
@@ -56,7 +57,11 @@ void Jim_HistoryAdd(const char *line)
 void Jim_HistorySave(const char *filename)
 {
 #ifdef USE_LINENOISE
+    mode_t mask;
+    /* Just u=rw, but note that this is only effective for newly created files */
+    mask = umask(S_IXUSR | S_IRWXG | S_IRWXO);
     linenoiseHistorySave(filename);
+    mask = umask(mask);
 #endif
 }
 
-- 
cgit v1.1