From 6b126bfc40ba416746e4d30edb0b6b72c21c8b10 Mon Sep 17 00:00:00 2001
From: Robbie Harwood
Date: Tue, 23 Aug 2016 16:58:44 -0400
Subject: [PATCH] Create KDC and kadmind log files with mode 0640

In krb5_klog_init(), use open() and fdopen() to open log files so that we can specify a mode. Specify a mode which doesn't include the group-write, other-read, or other-write bits even if the process umask allows them.

[ghudson@mit.edu: wrote commit message, de-indented post-open setup code]
[rharwood@redhat.com: backport not clean due to SELinux patching]

ticket: 8344 (new)
---
 src/lib/kadm5/logger.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
index 64f9641..0517efe 100644
--- a/src/lib/kadm5/logger.c
+++ b/src/lib/kadm5/logger.c
@@ -354,7 +354,7 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
 const char *logging_profent[3];
 const char *logging_defent[3];
 char **logging_specs;
- int i, ngood;
+ int i, ngood, fd, append;
 char *cp, *cp2;
 char savec = '\0';
 int error;
@@ -422,18 +422,21 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
 /*
 * Check for append/overwrite, then open the file.
 */
- if (cp[4] == ':' || cp[4] == '=') {
- f = WRITABLEFOPEN(&cp[5], (cp[4] == ':') ? "a" : "w");
- if (f) {
- set_cloexec_file(f);
- log_control.log_entries[i].lfu_filep = f;
- log_control.log_entries[i].log_type = K_LOG_FILE;
- log_control.log_entries[i].lfu_fname = &cp[5];
- } else {
+ append = (cp[4] == ':') ? O_APPEND : 0;
+ if (append || cp[4] == '=') {
+ fd = THREEPARAMOPEN(&cp[5], O_CREAT | O_WRONLY | append,
+ S_IRUSR | S_IWUSR | S_IRGRP);
+ if (fd != -1)
+ f = fdopen(fd, append ? "a" : "w");
+ if (fd == -1 || f == NULL) {
 fprintf(stderr,"Couldn't open log file %s: %s\n",
 &cp[5], error_message(errno));
 continue;
 }
+ set_cloexec_file(f);
+ log_control.log_entries[i].lfu_filep = f;
+ log_control.log_entries[i].log_type = K_LOG_FILE;
+ log_control.log_entries[i].lfu_fname = &cp[5];
 }
 }
 #ifdef HAVE_SYSLOG
-- 
2.9.3
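Review bot: When `THREEPARAMOPEN` succeeds but `fdopen` returns NULL, the new error path reaches `continue` without releasing the descriptor, so each such failure leaks an fd; add `if (fd != -1) close(fd);` before the `continue` (this assumes `<unistd.h>` is already included, which the hunk does not show). The overwrite form (`cp[4] == '='`) also no longer truncates: the removed `WRITABLEFOPEN(..., "w")` did, but `O_CREAT | O_WRONLY` without `O_TRUNC` followed by `fdopen(fd, "w")` leaves existing contents in place, so a shorter new log ends in stale bytes from the old one; `O_CREAT | O_WRONLY | (append ? O_APPEND : O_TRUNC)` restores the previous behaviour while keeping the mode argument. The 0640 mode passed to open() only takes effect when the file is created, so a pre-existing log with wider permissions keeps them — worth a comment at the open call such as `/* mode applies only on creation; existing files keep their bits */`. krb5_klog_init() begins and ends outside this hunk.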