From 3f054d11e48eaf4b4bace38f44c39d7dad538320 Mon Sep 17 00:00:00 2001
From: Markus Uhlin <markus@nifty-networks.net>
Date: Sun, 3 Aug 2025 10:50:46 +0200
Subject: add_item: restricted file permissions (upon creation)

---
 FICS/adminproc.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'FICS/adminproc.c')

diff --git a/FICS/adminproc.c b/FICS/adminproc.c
index 2478cab..cca1a89 100644
--- a/FICS/adminproc.c
+++ b/FICS/adminproc.c
@@ -225,11 +225,19 @@ add_item(char *new_item, char *filename)
 	FILE	*new_fp, *old_fp;
 	char	 junk[MAX_LINE_SIZE] = { '\0' };
 	char	 tmp_file[MAX_FILENAME_SIZE] = { '\0' };
+	int	 fd;
 
 	msnprintf(tmp_file, sizeof tmp_file, "%s/.tmp.idx", news_dir);
 
-	if ((new_fp = fopen(tmp_file, "w")) == NULL)
+	fd = open(tmp_file, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR);
+
+	if (fd < 0)
+		return 0;
+	else if ((new_fp = fdopen(fd, "w")) == NULL) {
+		close(fd);
 		return 0;
+	}
+
 	fprintf(new_fp, "%s", new_item);
 
 	if ((old_fp = fopen(filename, "r")) == NULL)
-- 
cgit v1.2.3