daemonize: use a safe umask for the daemon · 1703489bd3 - XO Git

daemonize: use a safe umask for the daemon

The reason for setting umask in a daemon is to get a defined umask value
instead of whatever the calling user had configured. A umask of zero is
dangerous, however, because it can easily cause world-readable and
world-writeable files when oblivious code is involved that specified
0777 during open() calls, wanting to grant the user full control of the
resulting file mode.

Currently the daemon shouldn't be creating any new files so this is not
a matter. This could change in the future, however.

Matthias Gerstner 6 years ago

parent

fdfc6edfd9

commit

1703489bd3

1 changed files with 1 additions and 1 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 1
						
daemon/daemonize.c
							 
								View File
							
				@@ -61,7 +61,7 @@ void daemonize(const char *name)
			
				 	}
			
				 	/* Now continue execution */
			
				-	umask(0);
			
				+	umask(0022);
			
				 	if (setsid() < 0) {
			
				 		FATAL_ERRORNO("Failed to create process group\n");
			
				 	}