summaryrefslogtreecommitdiffhomepage
path: root/pkg/contrib/src/njs/SHA512SUMS
diff options
context:
space:
mode:
authorAndrew Clayton <a.clayton@nginx.com>2023-02-23 12:01:14 +0000
committerAndrew Clayton <a.clayton@nginx.com>2023-02-23 12:01:14 +0000
commit29471c8d32a640d6e2e460f65d5a319c60043733 (patch)
tree6a928f56075564ffb4686280acbdd416635b9e47 /pkg/contrib/src/njs/SHA512SUMS
parent5c9113ddac6eb42efac7f0c77b2f374853ba7d8c (diff)
downloadunit-29471c8d32a640d6e2e460f65d5a319c60043733.tar.gz
unit-29471c8d32a640d6e2e460f65d5a319c60043733.tar.bz2
Set a safer umask(2) when running as a daemon.
When running as a daemon. unit currently sets umask(0), i.e no umask. This is resulting in various directories being created with a mode of 0777, e.g rwxrwxrwx this is currently affecting cgroup and rootfs directories, which are being created with a mode of 0777, and when running as a daemon as there is no umask to restrict the permissions. This also affects the language modules (the umask is inherited over fork(2)) whereby unless something explicitly sets a umask, files and directories will be created with full permissions, 0666 (rw-rw-rw-)/ 0777 (rwxrwxrwx) respectively. This could be an unwitting security issue. My original idea was to just remove the umask(0) call and thus inherit the umask from the executing shell/program. However there was some concern about just inheriting whatever umask was in effect. Alex suggested that rather than simply removing the umask(0) call we change it to a value of 022 (which is a common default), which will result in directories and files with permissions at most of 0755 (rwxr-xr-x) & 0644 (rw-r--r--). If applications need some other umask set, they can (as they always have been able to) set their own umask(2). Suggested-by: Alejandro Colomar <alx.manpages@gmail.com> Reviewed-by: Liam Crilly <liam@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to 'pkg/contrib/src/njs/SHA512SUMS')
0 files changed, 0 insertions, 0 deletions