Use umask() to set file and UNIX socket permissions without race conditions.
diff --git
a/src/net_setup.c
b/src/net_setup.c
index
334ea5d
..
0fedafa
100644
--- a/
src/net_setup.c
+++ b/
src/net_setup.c
@@
-868,7
+868,12
@@
static bool setup_myself(void) {
unlink(unixsocketname);
unlink(unixsocketname);
- if(bind(unix_fd, (struct sockaddr *)&sa, sizeof sa) < 0) {
+ mode_t mask = umask(0);
+ umask(mask | 077);
+ int result = bind(unix_fd, (struct sockaddr *)&sa, sizeof sa);
+ umask(mask);
+
+ if(result < 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno));
return false;
}
logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno));
return false;
}
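Review bot: The first added call, `umask(0)`, leaves the process with a fully permissive mask until the next line replaces it. Because umask is process-wide, anything else that creates a file in that window (another thread, if one is running at this point) would get it unmasked. Reading the old value with a restrictive argument closes the window: `mode_t mask = umask(077);`, with the following `umask(mask | 077);` kept as is. POSIX also does not specify how a socket file's mode affects connect(), and some systems ignore it, so a comment above the bind() would help, for example `/* some platforms ignore socket file modes on connect(); do not treat this mask as the only access control */`. setup_myself() starts and ends outside this hunk.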