Skip to Content [alt-c]
In reply to Comment by Reader Pi
No, umask is actually not a concern because any decent temporary file implementation creates the file with restrictive permissions (0600). Besides, the setuid program could always set its own predictable umask.
Agreed that you should just use sudo if you can, especially if you have no experience writing secure set[ug]id programs. Using sudo is not always feasible though, especially since it depends on your sysadmin to set up rules. For example, using sudo would have been totally infeasible for the use case presented here, since each course needs its own grading database.
Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.
Your Name: (Optional; will be published)
Your Email Address: (Optional; will not be published)
Your Website: (Optional; will be published)
>
monospaced
Post a Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.