From c697b943d411e8f857a872301a3bb3980c750d5b Mon Sep 17 00:00:00 2001
From: Marcin Cieslak <saper@saper.info>
Date: Tue, 25 Sep 2012 16:50:23 +0200
Subject: [PATCH] Don't make /var group writable

* Use 0755 permissions for /var (not 0775)
  - this makes sendmail unhappy
* Don't change permissions on /var on dtlogin startup
---
 cde/programs/dtlogin/dm.c                      | 16 ++++++++--------
 cde/programs/dtsearchpath/dtappg/dtappgather.C |  4 ++--
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/cde/programs/dtlogin/dm.c b/cde/programs/dtlogin/dm.c
index 3c9fc6e6..9e7b960e 100644
--- a/cde/programs/dtlogin/dm.c
+++ b/cde/programs/dtlogin/dm.c
@@ -122,7 +122,7 @@ static long StorePid( void ) ;
 static void TerminateProcess( int pid, int sig) ;
 static void UnlockPidFile( void ) ;
 static void dtMakeDefaultDir( void );
-static void dtmkdir(char *dir, mode_t dir_mode);
+static void dtmkdir(char *dir, mode_t dir_mode, int force);
 
 
 
@@ -1877,15 +1877,15 @@ MarkShutdownTime( void )
 static void
 dtMakeDefaultDir( void )
 {
-    dtmkdir("/var", 0775);
-    dtmkdir("/var/dt", 0755);
-    dtmkdir("/var/dt/tmp", 0755);
-    dtmkdir("/var/dt/appconfig", 0755);
-    dtmkdir("/var/dt/appconfig/appmanager", 0755);
+    dtmkdir("/var", 0755, 0);
+    dtmkdir("/var/dt", 0755, 1);
+    dtmkdir("/var/dt/tmp", 0755, 1);
+    dtmkdir("/var/dt/appconfig", 0755, 1);
+    dtmkdir("/var/dt/appconfig/appmanager", 0755, 1);
 }
 
 static void
-dtmkdir(char *dir, mode_t dir_mode)
+dtmkdir(char *dir, mode_t dir_mode, int force)
 {
     struct stat file_status;
 
@@ -1898,7 +1898,7 @@ dtmkdir(char *dir, mode_t dir_mode)
             LogError((unsigned char *)"Unable to create dir %s\n", dir);
         }
     } else {
-        if ( (file_status.st_mode & dir_mode) != dir_mode) {
+        if ( force && (file_status.st_mode & dir_mode) != dir_mode) {
             /** try to set correct permissions **/
             if ( chmod(dir, file_status.st_mode | dir_mode) == 0) {
                 Debug("Set permissions on %s\n", dir);
diff --git a/cde/programs/dtsearchpath/dtappg/dtappgather.C b/cde/programs/dtsearchpath/dtappg/dtappgather.C
index ee09040d..45f37eb7 100644
--- a/cde/programs/dtsearchpath/dtappg/dtappgather.C
+++ b/cde/programs/dtsearchpath/dtappg/dtappgather.C
@@ -164,9 +164,9 @@ AppManagerDirectory::AppManagerDirectory
 	        if (!user->OS()->isDirectory(dir)) {   // does dt exist?
 		    dir.replace("/dt","");
 		    if (!user->OS()->isDirectory(dir)) {  // does /var exist?
-			user->OS()->MakeDirectory(dir,0775);
+			user->OS()->MakeDirectory(dir,0755);
 			user->OS()->changeOwnerGroup(dir,"root","other");
-			user->OS()->changePermissions(dir,0775);
+			user->OS()->changePermissions(dir,0755);
 		    }
 		    dir += "/dt";
 		    user->OS()->MakeDirectory(dir,0755);
-- 
2.25.1