X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fcontrol.c;h=84098be5388471129c887c0e6220eb9dddd102b0;hb=a38e0d621397d6d69c939ccc287d5a803b668195;hp=539ff3605993c3c3bb80033e5140e2f53b6320de;hpb=cc3c69c892b0dad9a6ece0a0f4ccd429a22fcbff;p=tinc

diff --git a/src/control.c b/src/control.c
index 539ff360..84098be5 100644
--- a/src/control.c
+++ b/src/control.c
@@ -137,17 +137,16 @@ bool init_control(void) {
 	randomize(controlcookie, sizeof controlcookie / 2);
 	bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2);
 
+	mode_t mask = umask(0);
+	umask(mask | 077);
 	FILE *f = fopen(pidfilename, "w");
+	umask(mask);
+
 	if(!f) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Cannot write control socket cookie file %s: %s", pidfilename, strerror(errno));
 		return false;
 	}
 
-#ifdef HAVE_FCHMOD
-	fchmod(fileno(f), 0600);
-#else
-	chmod(pidfilename, 0600);
-#endif
 	// Get the address and port of the first listening socket
 
 	char *localhost = NULL;
@@ -157,7 +156,7 @@ bool init_control(void) {
 	// Make sure we have a valid address, and map 0.0.0.0 and :: to 127.0.0.1 and ::1.
 
 	if(getsockname(listen_socket[0].tcp.fd, (struct sockaddr *)&sa, &len)) {
-		xasprintf(&localhost, "127.0.0.1 port %d", myport);
+		xasprintf(&localhost, "127.0.0.1 port %s", myport);
 	} else {
 		if(sa.sa.sa_family == AF_INET) {
 			if(sa.in.sin_addr.s_addr == 0)