Re: Solaris 2.6 and sockets

Theo de Raadt (deraadt@CVS.OPENBSD.ORG)
Sun, 05 Oct 1997 00:27:36 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Doug Hughes: "Re: Possible weakness in LPD protocol"
Previous message: Thamer Al-Herbish: "Re: Solaris 2.6 and sockets"
Maybe in reply to: Wojciech Tryc: "Solaris 2.6 and sockets"
Next in thread: Casper Dik: "Re: Solaris 2.6 and sockets"

> I have noticed strange things happening under Solaris 2.6 (final release)
> Any Unix socket created by ANY application has permissions 4777!!!!
> ie: srwxrwxrwx 1 root root 0 Oct 3 21:22 mysql.sock
> Check out your /tmp directory :)

I believe this affects almost everyone. I fixed this a while back.

RCS file: /cvs/src/sys/kern/uipc_usrreq.c,v
...
revision 1.3
date: 1996/06/25 21:26:11; author: deraadt; state: Exp; lines: +2 -2
consider umask for AF_UNIX bind()

Index: uipc_usrreq.c
===================================================================
RCS file: /cvs/src/sys/kern/uipc_usrreq.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- uipc_usrreq.c 1996/03/03 17:20:22 1.2
+++ uipc_usrreq.c 1996/06/25 21:26:11 1.3
@@ -418,7 +418,7 @@
}
VATTR_NULL(&vattr);
vattr.va_type = VSOCK;
- vattr.va_mode = ACCESSPERMS;
+ vattr.va_mode = ACCESSPERMS &~ p->p_fd->fd_cmask;
VOP_LEASE(nd.ni_dvp, p, p->p_ucred, LEASE_WRITE);
error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
if (error)

Next message: Doug Hughes: "Re: Possible weakness in LPD protocol"
Previous message: Thamer Al-Herbish: "Re: Solaris 2.6 and sockets"
Maybe in reply to: Wojciech Tryc: "Solaris 2.6 and sockets"
Next in thread: Casper Dik: "Re: Solaris 2.6 and sockets"