Date: Thu, 6 Feb 1997 13:24:44 -0800 (PST) From: Paul Traina <pst@Shockwave.COM> To: FreeBSD-gnats-submit@freebsd.org Subject: kern/2680: bind of a local domain socket does not respect umask Message-ID: <199702062124.NAA01371@precipice.shockwave.com> Resent-Message-ID: <199702062130.NAA06750@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2680 >Category: kern >Synopsis: bind of a local domain socket does not respect umask >Confidential: no >Severity: critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Feb 6 13:30:02 PST 1997 >Last-Modified: >Originator: Paul Traina >Organization: >Release: FreeBSD 3.0-CURRENT i386 >Environment: FreeBSD -current and 2.x >Description: Unix domain sockets are always created with mode ACCESSPERMS. This is incorrect, they should be created with ACCESSPERMS & umask. This is a critical flaw, because there is no way to avoid a race condition even if you immediately chmod() the socket after creation. >How-To-Repeat: umask(022); bind to a domain socket ls -l path >Fix: In uipc_usrreq.c, vattr.va_mode is set to ACCESSPERMS. It should be set to ACCESSPERMS & current umask if the uap is available (is it always available at this point?) >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702062124.NAA01371>