fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-06-10 13:48:25 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

libnm: use correct directory permissions in nm_utils_copy_cert_as_user

Browse source 
This patch fixes https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/work_items/1957.

At the moment, libnm creates the temporary certificate directory
with permission 0600.

Some NM plugins drop most of their capabilities (including CAP_DAC_OVERRIDE)
on startup and so, even when running as root, they can't create files
in that directory (since the execute permission is missing).

This patch sets the permission to 0700 to fix the problem.

Fixes: 1a52bbe7c9 ('libnm: add function to copy a certificate or key as user')
This commit is contained in:
Christian Krause 2026-06-02 22:28:51 +02:00 committed by Beniamino Galvani
parent 9618527fed
commit 0d0b03e7d3
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/libnm-core-impl/nm-utils.c
View file

@ -6506,7 +6506,7 @@ nm_utils_copy_cert_as_user(const char *filename, const char *user, GError **erro
nm_str_buf_destroy(&info.output_buffer);
nm_str_buf_destroy(&info.error_buffer);
mkdir(RUN_CERT_DIR, 0600);
mkdir(RUN_CERT_DIR, 0700);
fd = mkstemp(dst_path);
if (fd < 0) {
g_set_error_literal(error,