From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <e@80x24.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN:  
X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00
	shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from localhost (dcvr.yhbt.net [127.0.0.1])
	by dcvr.yhbt.net (Postfix) with ESMTP id C886B1F8C8
	for <meta@public-inbox.org>; Fri, 17 Sep 2021 12:12:30 +0000 (UTC)
From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH] script/lei: umask(077) before execve
Date: Fri, 17 Sep 2021 07:12:30 -0500
Message-Id: <20210917121230.15341-1-e@80x24.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <meta.public-inbox.org>

While my MUA also runs umask(077) unconditionally, not all
MUAs do.  Additionally, pagers may support writing its buffer
to disk, so ensure anything else we spawn has umask(077).
---
 script/lei | 1 +
 1 file changed, 1 insertion(+)

diff --git a/script/lei b/script/lei
index 2d84487a..591013e3 100755
--- a/script/lei
+++ b/script/lei
@@ -53,6 +53,7 @@ my $exec_cmd = sub {
 		}
 		my %env = map { split(/=/, $_, 2) } splice(@argv, $argc);
 		@ENV{keys %env} = values %env;
+		umask 077;
 		exec(@argv);
 		warn "exec: @argv: $!\n";
 		POSIX::_exit(1);