write_file: introduce O_NOFOLLOW, use sane mask

Don't follow symlinks when writing to a file. Don't create world-writable files. Bug: 10802869 Change-Id: Ifb55600d574307a535df878acb3347e02028cd30
author: Nick Kralevich <nnk@google.com> 2013-09-17 14:43:12 -0700
committer: Nick Kralevich <nnk@google.com> 2013-09-17 14:46:00 -0700
commit: 5535b05120fa3fd3d68a09e01284aba35cc6e058 (patch)
tree: 883ad4da63ed9b809fcb100f7366dd843f281bf0 /init
parent: 3a0d4b34816d65e21951f44e4d98a954c5c855ae (diff)
download: system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.zip
system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.tar.gz
system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/init/builtins.c b/init/builtins.c
index bfc0ddb..e8c8f91 100644
--- a/init/builtins.c
+++ b/init/builtins.c
@@ -57,7 +57,7 @@ static int write_file(const char *path, const char *value)
 {
     int fd, ret, len;
 
-    fd = open(path, O_WRONLY|O_CREAT, 0622);
+    fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW, 0600);
 
     if (fd < 0)
         return -errno;
author	Nick Kralevich <nnk@google.com>	2013-09-17 14:43:12 -0700
committer	Nick Kralevich <nnk@google.com>	2013-09-17 14:46:00 -0700
commit	5535b05120fa3fd3d68a09e01284aba35cc6e058 (patch)
tree	883ad4da63ed9b809fcb100f7366dd843f281bf0 /init
parent	3a0d4b34816d65e21951f44e4d98a954c5c855ae (diff)
download	system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.zip system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.tar.gz system_core-5535b05120fa3fd3d68a09e01284aba35cc6e058.tar.bz2