Stop attempting to make session logs private on Unix. This was introduced in

r7084 at the same time as sensible permissions when writing private key files; however, it causes an assertion failure whenever an attempt is made to append to an existing log file on Unix, and it's not clear what "is_private" *should* do for append, so revert to log file security being the user's responsibility. (Fixes Ubuntu LP#212711.) [originally from svn r8461] [r7084 == 4fa9564c90]
2025-01-09 17:38:00 +00:00 · 2009-02-23 22:40:09 +00:00 · 2009-02-23 22:40:09 +00:00 · 40be9eeedd
commit 40be9eeedd
parent 35e004ffee
2 changed files with 3 additions and 2 deletions
--- a/logging.c
+++ b/logging.c
@ -85,7 +85,7 @@ static void logfopen_callback(void *handle, int mode)
 	ctx->state = L_ERROR;	       /* disable logging */
    } else {
 	fmode = (mode == 1 ? "ab" : "wb");
-	ctx->lgfp = f_open(ctx->currlogfilename, fmode, TRUE);
+	ctx->lgfp = f_open(ctx->currlogfilename, fmode, FALSE);
 	if (ctx->lgfp)
 	    ctx->state = L_OPEN;
 	else
--- a/unix/uxmisc.c
+++ b/unix/uxmisc.c
@ -141,7 +141,8 @@ FILE *f_open(struct Filename filename, char const *mode, int is_private)
 	return fopen(filename.path, mode);
    } else {
 	int fd;
-	assert(mode[0] == 'w');	       /* is_private is meaningless for read */
+	assert(mode[0] == 'w');	       /* is_private is meaningless for read,
+					  and tricky for append */
 	fd = open(filename.path, O_WRONLY | O_CREAT | O_TRUNC,
 		      0700);
 	if (fd < 0)