Preserve umask.
authorIain Patterson <me@iain.cx>
Thu, 25 Mar 2010 17:04:46 +0000 (17:04 +0000)
committerIain Patterson <me@iain.cx>
Thu, 25 Mar 2010 17:05:44 +0000 (17:05 +0000)
We set umask 077 to ensure that the become script is not readable by
other users.  Set the mask back to what it was beforehand.

opt/bin/became
opt/bin/become

index ca1a523..940e26e 100755 (executable)
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 file="${TMPDIR:-/tmp}/$SUDO_USER.became.$USER.$RANDOM.$$"
-( umask 077; echo "unset ENV POSIXLY_CORRECT; set +o posix" > "$file"; cat >> "$file"; echo "/bin/rm -f '$file'" >> "$file" )
+( builtin umask 077; echo "unset ENV POSIXLY_CORRECT; set +o posix" > "$file"; cat >> "$file"; echo "/bin/rm -f '$file'" >> "$file" )
 exec </dev/tty env ENV="$file" POSIXLY_CORRECT=1 /bin/bash
 # Fall back to the shell.
 exec </dev/tty /bin/bash
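Review bot: The temp-file path built on the `file=` line is still predictable (`$RANDOM` and `$$` are both guessable), and `umask 077` only affects a file that this script creates itself. If the path already exists as a file or symlink, the `>` redirection reuses it with its existing owner and mode, and the result is then handed to bash through `ENV`. Creating the file atomically closes that gap, for example `file=$(mktemp "${TMPDIR:-/tmp}/became.XXXXXX") || exit 1`, which fails if the name exists and creates it mode 0600 regardless of umask. The same pattern appears in the `file=` line of the opt/bin/become hunk, where `exec 3>"$file"` opens the path the same way.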
index 875bd0b..b6b2f20 100755 (executable)
@@ -38,8 +38,10 @@ profile="$BECOME/$user"
 [ -f "$profile" ] || profile="$BECOME/all"
 
 file="${TMPDIR:-/tmp}/$USER.become.$user.$RANDOM.$$"
-umask 077
+umask=$(builtin umask -p)
+builtin umask 077
 if exec 3>"$file" && exec <"$file" && rm "$file"; then
+  builtin $umask
   echo >&3 "cd"
   echo >&3 "PROFILE_HOME='$HOME'"
   if [ -n "$PRINCIPAL" ]; then
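Review bot: The saved mask is restored only inside the success branch of `if exec 3>"$file" && ...`, so whatever runs when that test fails still runs with umask 077; the failure path lies outside this hunk, so whether that matters should be checked there. Restoring unconditionally would avoid the asymmetry, e.g. capture the status with `exec 3>"$file" && exec <"$file" && rm "$file"; rc=$?`, restore the mask, then branch on `$rc`. Separately, `builtin $umask` depends on word-splitting the `umask -p` output and reuses the command's name for the variable; `old_umask=$(builtin umask)` followed by `builtin umask "$old_umask"` does the same thing with a quoted expansion.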