summaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/nxt_isolation.c2
-rw-r--r--src/nxt_listen_socket.c2
-rw-r--r--src/nxt_main_process.c4
-rw-r--r--src/nxt_port_memory.c6
-rw-r--r--src/nxt_runtime.c6
-rw-r--r--src/nxt_unit.c4
6 files changed, 9 insertions, 15 deletions
diff --git a/src/nxt_isolation.c b/src/nxt_isolation.c
index 7f25379f..909a43f4 100644
--- a/src/nxt_isolation.c
+++ b/src/nxt_isolation.c
@@ -780,7 +780,7 @@ nxt_isolation_prepare_rootfs(nxt_task_t *task, nxt_process_t *process)
continue;
}
- ret = nxt_fs_mkdir_p(dst, S_IRWXU | S_IRWXG | S_IRWXO);
+ ret = nxt_fs_mkdir_p(dst, 0777);
if (nxt_slow_path(ret != NXT_OK)) {
nxt_alert(task, "mkdir(%s) %E", dst, nxt_errno);
goto undo;
diff --git a/src/nxt_listen_socket.c b/src/nxt_listen_socket.c
index 047c1ef9..4fe3e20b 100644
--- a/src/nxt_listen_socket.c
+++ b/src/nxt_listen_socket.c
@@ -132,7 +132,7 @@ nxt_listen_socket_create(nxt_task_t *task, nxt_mp_t *mp,
nxt_runtime_t *rt = thr->runtime;
name = (nxt_file_name_t *) sa->u.sockaddr_un.sun_path;
- access = rt->control_mode > 0 ? rt->control_mode : S_IRUSR | S_IWUSR;
+ access = rt->control_mode > 0 ? rt->control_mode : 0600;
if (nxt_file_set_access(name, access) != NXT_OK) {
goto listen_fail;
diff --git a/src/nxt_main_process.c b/src/nxt_main_process.c
index 060ead41..c302cb02 100644
--- a/src/nxt_main_process.c
+++ b/src/nxt_main_process.c
@@ -1275,13 +1275,11 @@ nxt_main_listening_socket(nxt_sockaddr_t *sa, nxt_listening_socket_t *ls)
&& sa->u.sockaddr_un.sun_path[0] != '\0')
{
char *filename;
- mode_t access;
nxt_thread_t *thr;
filename = sa->u.sockaddr_un.sun_path;
- access = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
- if (chmod(filename, access) != 0) {
+ if (chmod(filename, 0666) != 0) {
ls->end = nxt_sprintf(ls->start, ls->end,
"chmod(\\\"%s\\\") failed %E",
filename, nxt_errno);
diff --git a/src/nxt_port_memory.c b/src/nxt_port_memory.c
index be7688e2..ad6e97ad 100644
--- a/src/nxt_port_memory.c
+++ b/src/nxt_port_memory.c
@@ -393,8 +393,7 @@ nxt_shm_open(nxt_task_t *task, size_t size)
#elif (NXT_HAVE_SHM_OPEN_ANON)
- fd = shm_open(SHM_ANON, O_RDWR, S_IRUSR | S_IWUSR);
-
+ fd = shm_open(SHM_ANON, O_RDWR, 0600);
if (nxt_slow_path(fd == -1)) {
nxt_alert(task, "shm_open(SHM_ANON) failed %E", nxt_errno);
@@ -408,8 +407,7 @@ nxt_shm_open(nxt_task_t *task, size_t size)
/* Just in case. */
shm_unlink((char *) name);
- fd = shm_open((char *) name, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR);
-
+ fd = shm_open((char *) name, O_CREAT | O_EXCL | O_RDWR, 0600);
if (nxt_slow_path(fd == -1)) {
nxt_alert(task, "shm_open(%s) failed %E", name, nxt_errno);
diff --git a/src/nxt_runtime.c b/src/nxt_runtime.c
index afe5a0b2..de76f19e 100644
--- a/src/nxt_runtime.c
+++ b/src/nxt_runtime.c
@@ -895,8 +895,7 @@ nxt_runtime_conf_init(nxt_task_t *task, nxt_runtime_t *rt)
return NXT_ERROR;
}
- ret = mkdir((char *) file_name.start, S_IRWXU);
-
+ ret = mkdir((char *) file_name.start, 0700);
if (nxt_fast_path(ret == 0 || nxt_errno == EEXIST)) {
rt->certs.length = file_name.len;
rt->certs.start = file_name.start;
@@ -912,8 +911,7 @@ nxt_runtime_conf_init(nxt_task_t *task, nxt_runtime_t *rt)
return NXT_ERROR;
}
- ret = mkdir((char *) file_name.start, S_IRWXU);
-
+ ret = mkdir((char *) file_name.start, 0700);
if (nxt_fast_path(ret == 0 || nxt_errno == EEXIST)) {
rt->scripts.length = file_name.len;
rt->scripts.start = file_name.start;
diff --git a/src/nxt_unit.c b/src/nxt_unit.c
index 50e156d8..966a6c0f 100644
--- a/src/nxt_unit.c
+++ b/src/nxt_unit.c
@@ -3857,7 +3857,7 @@ nxt_unit_shm_open(nxt_unit_ctx_t *ctx, size_t size)
#elif (NXT_HAVE_SHM_OPEN_ANON)
- fd = shm_open(SHM_ANON, O_RDWR, S_IRUSR | S_IWUSR);
+ fd = shm_open(SHM_ANON, O_RDWR, 0600);
if (nxt_slow_path(fd == -1)) {
nxt_unit_alert(ctx, "shm_open(SHM_ANON) failed: %s (%d)",
strerror(errno), errno);
@@ -3870,7 +3870,7 @@ nxt_unit_shm_open(nxt_unit_ctx_t *ctx, size_t size)
/* Just in case. */
shm_unlink(name);
- fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR);
+ fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, 0600);
if (nxt_slow_path(fd == -1)) {
nxt_unit_alert(ctx, "shm_open(%s) failed: %s (%d)", name,
strerror(errno), errno);