Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
mdadm.5365
0003-mdmon-ensure-Unix-domain-socket-is-created...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0003-mdmon-ensure-Unix-domain-socket-is-created-with-safe.patch of Package mdadm.5365
From 120ec6f7b96455e42bdfa9131c0c9026c57eaf19 Mon Sep 17 00:00:00 2001 From: NeilBrown <neilb@suse.de> Date: Thu, 3 Jul 2014 17:06:45 +1000 Subject: [PATCH 009/359] mdmon: ensure Unix domain socket is created with safe permissions. References: bsc#1081910 In the unlikely case that mdmon is started with an overly permissive umask, we don't want to risk giving away world acccess. All other "mkdir" and "O_CREAT" calls in mdmon and mdadm set a suitably restrictive permission mask. 'bind' don't take an explicit mask so it needs an implicit one. Reported-by: Vincent Berg <vberg@ioactive.com> Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Coly Li <colyli@suse.de> --- mdmon.c | 1 + 1 file changed, 1 insertion(+) diff --git a/mdmon.c b/mdmon.c index b84d4d9..21221cd 100644 --- a/mdmon.c +++ b/mdmon.c @@ -232,6 +232,7 @@ static int make_control_sock(char *devname) addr.sun_family = PF_LOCAL; strcpy(addr.sun_path, path); + umask(077); /* ensure no world write access */ if (bind(sfd, &addr, sizeof(addr)) < 0) { close(sfd); return -1; -- 2.16.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor