daemonize: use a safe umask for the daemon · 1703489bd3 - XO Git

Преглед на файлове

daemonize: use a safe umask for the daemon

The reason for setting umask in a daemon is to get a defined umask value
instead of whatever the calling user had configured. A umask of zero is
dangerous, however, because it can easily cause world-readable and
world-writeable files when oblivious code is involved that specified
0777 during open() calls, wanting to grant the user full control of the
resulting file mode.

Currently the daemon shouldn't be creating any new files so this is not
a matter. This could change in the future, however.

Matthias Gerstner преди 6 години

родител

fdfc6edfd9

ревизия

1703489bd3

променени са 1 файла, в които са добавени 1 реда и са изтрити 1 реда

Разделен изглед Покажи статистика за разликите

						
							+ 1
							
							- 1
						
daemon/daemonize.c
							 
								Целия файл
							
				@@ -61,7 +61,7 @@ void daemonize(const char *name)
			
				 	}
			
				 	/* Now continue execution */
			
				-	umask(0);
			
				+	umask(0022);
			
				 	if (setsid() < 0) {
			
				 		FATAL_ERRORNO("Failed to create process group\n");
			
				 	}