projects / tinc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a1f4f14) | patch
Use umask() to set file and UNIX socket permissions without race conditions.
authorGuus Sliepen <guus@tinc-vpn.org>
Fri, 2 Aug 2013 17:27:06 +0000 (19:27 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Fri, 2 Aug 2013 17:28:34 +0000 (19:28 +0200)
commita38e0d621397d6d69c939ccc287d5a803b668195
treebf61745c5dbcd3a958e570d3afd4c96ad270bd01tree | snapshot
parenta1f4f14c6c5e269c901e6e019418fb8f789cf96bcommit | diff
Use umask() to set file and UNIX socket permissions without race conditions.

As mentioned by Erik Tews, calling fchmod() after fopen() leaves a small window
for exploits. As long as tinc is single-threaded, we can use umask() instead to
reduce file permissions. This also works when creating the AF_UNIX control socket.

The umask of the user running tinc(d) is used for most files, except for the
private keys, invitation files, PID file and control socket.
src/control.c diff | blob | history
src/invitation.c diff | blob | history
src/net_setup.c diff | blob | history
src/tincctl.c diff | blob | history
src/tincctl.h diff | blob | history
tinc, the VPN daemon