diff options
Diffstat (limited to '')
-rw-r--r-- | auto/shmem | 7 | ||||
-rw-r--r-- | src/nxt_isolation.c | 2 | ||||
-rw-r--r-- | src/nxt_listen_socket.c | 2 | ||||
-rw-r--r-- | src/nxt_main_process.c | 4 | ||||
-rw-r--r-- | src/nxt_port_memory.c | 6 | ||||
-rw-r--r-- | src/nxt_runtime.c | 6 | ||||
-rw-r--r-- | src/nxt_unit.c | 4 |
7 files changed, 12 insertions, 19 deletions
@@ -24,8 +24,7 @@ nxt_feature_test="#include <sys/mman.h> shm_unlink(name); - int fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, - S_IRUSR | S_IWUSR); + int fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, 0600); if (fd == -1) return 1; @@ -68,7 +67,7 @@ if [ $nxt_found = no ]; then shm_unlink(name); int fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, - S_IRUSR | S_IWUSR); + 0600); if (fd == -1) return 1; @@ -95,7 +94,7 @@ nxt_feature_test="#include <sys/mman.h> #include <sys/stat.h> int main(void) { - int fd = shm_open(SHM_ANON, O_RDWR, S_IRUSR | S_IWUSR); + int fd = shm_open(SHM_ANON, O_RDWR, 0600); if (fd == -1) return 1; diff --git a/src/nxt_isolation.c b/src/nxt_isolation.c index 7f25379f..909a43f4 100644 --- a/src/nxt_isolation.c +++ b/src/nxt_isolation.c @@ -780,7 +780,7 @@ nxt_isolation_prepare_rootfs(nxt_task_t *task, nxt_process_t *process) continue; } - ret = nxt_fs_mkdir_p(dst, S_IRWXU | S_IRWXG | S_IRWXO); + ret = nxt_fs_mkdir_p(dst, 0777); if (nxt_slow_path(ret != NXT_OK)) { nxt_alert(task, "mkdir(%s) %E", dst, nxt_errno); goto undo; diff --git a/src/nxt_listen_socket.c b/src/nxt_listen_socket.c index 047c1ef9..4fe3e20b 100644 --- a/src/nxt_listen_socket.c +++ b/src/nxt_listen_socket.c @@ -132,7 +132,7 @@ nxt_listen_socket_create(nxt_task_t *task, nxt_mp_t *mp, nxt_runtime_t *rt = thr->runtime; name = (nxt_file_name_t *) sa->u.sockaddr_un.sun_path; - access = rt->control_mode > 0 ? rt->control_mode : S_IRUSR | S_IWUSR; + access = rt->control_mode > 0 ? rt->control_mode : 0600; if (nxt_file_set_access(name, access) != NXT_OK) { goto listen_fail; diff --git a/src/nxt_main_process.c b/src/nxt_main_process.c index 060ead41..c302cb02 100644 --- a/src/nxt_main_process.c +++ b/src/nxt_main_process.c @@ -1275,13 +1275,11 @@ nxt_main_listening_socket(nxt_sockaddr_t *sa, nxt_listening_socket_t *ls) && sa->u.sockaddr_un.sun_path[0] != '\0') { char *filename; - mode_t access; nxt_thread_t *thr; filename = sa->u.sockaddr_un.sun_path; - access = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); - if (chmod(filename, access) != 0) { + if (chmod(filename, 0666) != 0) { ls->end = nxt_sprintf(ls->start, ls->end, "chmod(\\\"%s\\\") failed %E", filename, nxt_errno); diff --git a/src/nxt_port_memory.c b/src/nxt_port_memory.c index be7688e2..ad6e97ad 100644 --- a/src/nxt_port_memory.c +++ b/src/nxt_port_memory.c @@ -393,8 +393,7 @@ nxt_shm_open(nxt_task_t *task, size_t size) #elif (NXT_HAVE_SHM_OPEN_ANON) - fd = shm_open(SHM_ANON, O_RDWR, S_IRUSR | S_IWUSR); - + fd = shm_open(SHM_ANON, O_RDWR, 0600); if (nxt_slow_path(fd == -1)) { nxt_alert(task, "shm_open(SHM_ANON) failed %E", nxt_errno); @@ -408,8 +407,7 @@ nxt_shm_open(nxt_task_t *task, size_t size) /* Just in case. */ shm_unlink((char *) name); - fd = shm_open((char *) name, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR); - + fd = shm_open((char *) name, O_CREAT | O_EXCL | O_RDWR, 0600); if (nxt_slow_path(fd == -1)) { nxt_alert(task, "shm_open(%s) failed %E", name, nxt_errno); diff --git a/src/nxt_runtime.c b/src/nxt_runtime.c index afe5a0b2..de76f19e 100644 --- a/src/nxt_runtime.c +++ b/src/nxt_runtime.c @@ -895,8 +895,7 @@ nxt_runtime_conf_init(nxt_task_t *task, nxt_runtime_t *rt) return NXT_ERROR; } - ret = mkdir((char *) file_name.start, S_IRWXU); - + ret = mkdir((char *) file_name.start, 0700); if (nxt_fast_path(ret == 0 || nxt_errno == EEXIST)) { rt->certs.length = file_name.len; rt->certs.start = file_name.start; @@ -912,8 +911,7 @@ nxt_runtime_conf_init(nxt_task_t *task, nxt_runtime_t *rt) return NXT_ERROR; } - ret = mkdir((char *) file_name.start, S_IRWXU); - + ret = mkdir((char *) file_name.start, 0700); if (nxt_fast_path(ret == 0 || nxt_errno == EEXIST)) { rt->scripts.length = file_name.len; rt->scripts.start = file_name.start; diff --git a/src/nxt_unit.c b/src/nxt_unit.c index 50e156d8..966a6c0f 100644 --- a/src/nxt_unit.c +++ b/src/nxt_unit.c @@ -3857,7 +3857,7 @@ nxt_unit_shm_open(nxt_unit_ctx_t *ctx, size_t size) #elif (NXT_HAVE_SHM_OPEN_ANON) - fd = shm_open(SHM_ANON, O_RDWR, S_IRUSR | S_IWUSR); + fd = shm_open(SHM_ANON, O_RDWR, 0600); if (nxt_slow_path(fd == -1)) { nxt_unit_alert(ctx, "shm_open(SHM_ANON) failed: %s (%d)", strerror(errno), errno); @@ -3870,7 +3870,7 @@ nxt_unit_shm_open(nxt_unit_ctx_t *ctx, size_t size) /* Just in case. */ shm_unlink(name); - fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR); + fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, 0600); if (nxt_slow_path(fd == -1)) { nxt_unit_alert(ctx, "shm_open(%s) failed: %s (%d)", name, strerror(errno), errno); |