From d70f04d50bc65dfd839316dbe2668ff195cf1fef Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Tue, 28 Apr 2015 12:49:38 +0200
Subject: [PATCH] build: switch the default dump dir mode to 0640

The 0660 allows root escalations in ABRT. We don't really need to have
the dump directories writable for the group as ABRT processes run under
root. We introduced 0x1 for group with the switch to /var/tmp/abrt
because we thought that we will have ABRT processes run under the user
abrt, but there are no signs that we will ever pursue such a setup.

Related: #1212861

Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
 configure.ac | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 01d9f83..4f7e504 100644
--- a/configure.ac
+++ b/configure.ac
@@ -282,8 +282,8 @@ AC_PATH_PROG(AUGPARSE, augparse, no)
 
 AC_ARG_WITH([defaultdumpdirmode],
             AS_HELP_STRING([--with-defaultdumpdirmode=OCTAL-MODE],
-                           [Default dump dir mode (default: 0660)]),
-            [], [with_defaultdumpdirmode="0660"])
+                           [Default dump dir mode (default: 0640)]),
+            [], [with_defaultdumpdirmode="0640"])
 AC_SUBST([DEFAULT_DUMP_DIR_MODE], [$with_defaultdumpdirmode])
 
 DUMP_DIR_OWNED_BY_USER=1
-- 
2.1.0