Re: Solaris 2.6 and sockets

Casper Dik (casper@HOLLAND.SUN.COM)
Mon, 06 Oct 1997 10:34:03 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Thamer Al-Herbish: "Re: TCPwrappers race condition"
Previous message: Doug Hughes: "Re: Possible weakness in LPD protocol"
Maybe in reply to: Wojciech Tryc: "Solaris 2.6 and sockets"
Next in thread: Edsel Adap: "Re: Solaris 2.6 and sockets"

>> I have noticed strange things happening under Solaris 2.6 (final release)
>> Any Unix socket created by ANY application has permissions 4777!!!!
>> ie: srwxrwxrwx 1 root root 0 Oct 3 21:22 mysql.sock
>> Check out your /tmp directory :)
>
>I believe this affects almost everyone. I fixed this a while back.
>
>RCS file: /cvs/src/sys/kern/uipc_usrreq.c,v
>...
>revision 1.3
>date: 1996/06/25 21:26:11; author: deraadt; state: Exp; lines: +2 -2
>consider umask for AF_UNIX bind()

Traditionally, unix domain sockets were created mode 777; the mode was
also ignored. Later BSD releases have been changed to consider the mode;
when connecting (obviously, there's no "connect bit" so I'd assume they went
for read-write access).

When scuh changes were considered for Solaris, it was found that some software
depended on Solaris ignoring the permissions.

I think that the xnet sockets did get changed to honor the permissions.

Casper

Next message: Thamer Al-Herbish: "Re: TCPwrappers race condition"
Previous message: Doug Hughes: "Re: Possible weakness in LPD protocol"
Maybe in reply to: Wojciech Tryc: "Solaris 2.6 and sockets"
Next in thread: Edsel Adap: "Re: Solaris 2.6 and sockets"