From 5ed7f6ac0a3c8ee433ea0a20be9554cbf98a4f51 Mon Sep 17 00:00:00 2001
From: Zdenek Styblik <zdenek.styblik@gmail.com>
Date: Tue, 24 Jan 2012 13:26:56 +0000
Subject: [PATCH] Fixes CVE-2011-4339 - world writeable PID file

Adds proper umask() before writing PID file.
---
 ipmitool/src/ipmievd.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ipmitool/src/ipmievd.c b/ipmitool/src/ipmievd.c
index 6fe1537..f5a2613 100644
--- a/ipmitool/src/ipmievd.c
+++ b/ipmitool/src/ipmievd.c
@@ -746,6 +746,7 @@ ipmievd_main(struct ipmi_event_intf * eintf, int argc, char ** argv)
 			}
 		}
 
+		umask(022);
 		fp = ipmi_open_file_write(pidfile);
 		if (fp != NULL) {
 			fprintf(fp, "%d\n", (int)getpid());