file: preserve original file mode after commit

Because mkstemp() create a file with mode 0600, only user doing
the commit (typically root) will be allowed to inspect the content
of the file after uci commit.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>

diff --git a/file.c b/file.c
index 3ac49c6edaf31eb081e805329605adc05502cf4d..6486de9c422971e6b886a2b5f2f9ef2fd0200423 100644 (file)
--- a/file.c
+++ b/file.c
@@ -724,6 +724,7 @@ static void uci_file_commit(struct uci_context *ctx, struct uci_package **packag
        char *volatile name = NULL;
        char *volatile path = NULL;
        char *filename = NULL;
+       struct stat statbuf;
        volatile bool do_rename = false;
        int fd;
 
@@ -801,7 +802,7 @@ done:
        uci_close_stream(f1);
        if (do_rename) {
                path = realpath(p->path, NULL);
-               if (!path || rename(filename, path)) {
+               if (!path || stat(path, &statbuf) || chmod(filename, statbuf.st_mode) || rename(filename, path)) {
                        unlink(filename);
                        UCI_THROW(ctx, UCI_ERR_IO);
                }