On Fri, May 23, 2014 at 08:26:31AM -0700, Ben Pfaff wrote:
> On Fri, May 23, 2014 at 11:54:11AM +0900, YAMAMOTO Takashi wrote:
> > > According to _Unix Network Programming_, only the umask controls the
> > > permissions of a Unix domain socket created by bind(). This makes it
> > > difficult to correctly control permissions on sockets in a
> > > multithreaded process, since the umask is not thread-specific.
> > > Therefore, currently bind_unix_socket() in socket-util.c has a race.
> > >
> > > On Linux, one can also affect the permissions of a Unix domain socket
> > > by fchmoding the socket *before* calling bind(). Based on a glance at
> > > the FreeBSD source, I don't think that this works on BSD. Is there
> > > another way to do it there? (Does it work to fchmod the socket
> > > post-bind?) If not, we might have to add a fallback that forks off a
> > > process, sets the umask, and binds the socket.
> > >
> > > I guess FreeBSD and NetBSD could potentially differ here, too.
> >
> > NetBSD doesn't have an alternative way. i think the situation is
> > same for FreeBSD but i haven't checked.
> >
> > anyway, it would be nice to have a portable fallback.
> > using a temporary directory might be less invasive than folk.
>
> Does it have the desired effect to chmod("socket", 0600) after the bind
> but before the listen?
I'd like to fix this bug in a portable and efficient way. Would you
mind checking on that for me?
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
