Create logfiles in mode 0640

Patch from toralf; closes 21729.
author: Nick Mathewson <nickm@torproject.org> 2017-03-14 11:36:53 -0400
committer: Nick Mathewson <nickm@torproject.org> 2017-03-14 11:36:53 -0400
commit: c000c7d118728abea6e03ddde1862e2dcf784166 (patch)
tree: 3211a6ee00fe42f1b635037c9e34e4bc0a74f57e
parent: 99ec44de45e6fb38af0a99b82728f7d359ca5bf5 (diff)
download: tor-c000c7d118728abea6e03ddde1862e2dcf784166.tar.gz
tor-c000c7d118728abea6e03ddde1862e2dcf784166.zip
2 files changed, 8 insertions, 1 deletions
diff --git a/changes/ticket21729 b/changes/ticket21729
new file mode 100644
index 0000000000..51d117311b
--- /dev/null
+++ b/changes/ticket21729
@@ -0,0 +1,7 @@
+  o Minor features (logging):
+    - Log files are no longer created world-readable by default.
+      (Previously, most distributors would store the logs in a
+      non-world-readable location to prevent inappropriate access. This
+      change is an extra precaution.)  Closes ticket 21729; patch from
+      toralf.
+
diff --git a/src/common/log.c b/src/common/log.c
index 5f7151bf0c..f679336a90 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -1086,7 +1086,7 @@ add_file_log(const log_severity_list_t *severity, const char *filename,
   int open_flags = O_WRONLY|O_CREAT;
   open_flags |= truncate_log ? O_TRUNC : O_APPEND;
 
-  fd = tor_open_cloexec(filename, open_flags, 0644);
+  fd = tor_open_cloexec(filename, open_flags, 0640);
   if (fd<0)
     return -1;
   if (tor_fd_seekend(fd)<0) {
author	Nick Mathewson <nickm@torproject.org>	2017-03-14 11:36:53 -0400
committer	Nick Mathewson <nickm@torproject.org>	2017-03-14 11:36:53 -0400
commit	c000c7d118728abea6e03ddde1862e2dcf784166 (patch)
tree	3211a6ee00fe42f1b635037c9e34e4bc0a74f57e
parent	99ec44de45e6fb38af0a99b82728f7d359ca5bf5 (diff)
download	tor-c000c7d118728abea6e03ddde1862e2dcf784166.tar.gz tor-c000c7d118728abea6e03ddde1862e2dcf784166.zip