From c962918bc70a61a8cc647898ee8b1ff1c14a87c5 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Tue, 28 Apr 2015 12:49:38 +0200
Subject: [LIBREPORT PATCH] build: switch the default dump dir mode to 0640

The 0660 allows root escalations in ABRT. We don't really need to have
the dump directories writable for the group as ABRT processes run under
root. We introduced 0x1 for group with the switch to /var/tmp/abrt
because we thought that we will have ABRT processes run under the user
abrt, but there are no signs that we will ever pursue such a setup.

Related: #1212861

Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
 configure.ac | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index df88240..8aea410 100644
--- a/configure.ac
+++ b/configure.ac
@@ -249,8 +249,8 @@ AC_PATH_PROG(AUGPARSE, augparse, no)
 
 AC_ARG_WITH([defaultdumpdirmode],
             AS_HELP_STRING([--with-defaultdumpdirmode=OCTAL-MODE],
-                           [Default dump dir mode (default: 0660)]),
-            [], [with_defaultdumpdirmode="0660"])
+                           [Default dump dir mode (default: 0640)]),
+            [], [with_defaultdumpdirmode="0640"])
 AC_SUBST([DEFAULT_DUMP_DIR_MODE], [$with_defaultdumpdirmode])
 
 DUMP_DIR_OWNED_BY_USER=1
-- 
1.8.3.1