Stop attempting to make session logs private on Unix. This was introduced in

r7084 at the same time as sensible permissions when writing private key files;
however, it causes an assertion failure whenever an attempt is made to append
to an existing log file on Unix, and it's not clear what "is_private" *should*
do for append, so revert to log file security being the user's responsibility.
(Fixes Ubuntu LP#212711.)

[originally from svn r8461]
[r7084 == 4fa9564c909c589bcccc95d57fae5469063c1759]

diff --git a/logging.c b/logging.c
index 17924c5a590367d08d060801062cf229b51eaa1d..f1e3729585d29aa1663855cfcaf3d29572cbb36d 100644 (file)
--- a/logging.c
+++ b/logging.c
@@ -85,7 +85,7 @@ static void logfopen_callback(void *handle, int mode)
        ctx->state = L_ERROR;          /* disable logging */
     } else {
        fmode = (mode == 1 ? "ab" : "wb");
-       ctx->lgfp = f_open(ctx->currlogfilename, fmode, TRUE);
+       ctx->lgfp = f_open(ctx->currlogfilename, fmode, FALSE);
        if (ctx->lgfp)
            ctx->state = L_OPEN;
        else

diff --git a/unix/uxmisc.c b/unix/uxmisc.c
index 4c6a76707d1f77484d975d39f272c953e74932fe..dd04e6f5d09c83ddf91781143d920e106a6c5d28 100644 (file)
--- a/unix/uxmisc.c
+++ b/unix/uxmisc.c
@@ -141,7 +141,8 @@ FILE *f_open(struct Filename filename, char const *mode, int is_private)
        return fopen(filename.path, mode);
     } else {
        int fd;
-       assert(mode[0] == 'w');        /* is_private is meaningless for read */
+       assert(mode[0] == 'w');        /* is_private is meaningless for read,
+                                         and tricky for append */
        fd = open(filename.path, O_WRONLY | O_CREAT | O_TRUNC,
                      0700);
        if (fd < 0)