From 4797357fa9fe4cd9adfbbbf59288f38232ada262 Mon Sep 17 00:00:00 2001
From: 1848 <>
Date: Tue, 14 Aug 2018 22:53:19 +0200
Subject: [PATCH] fixed setting unix socket permissions first call fchmod() to prevent TOCTTOU, then apply permissions using chmod()
---
 src/event/ServerSocket.cxx | 7 +++++++
 src/net/SocketUtil.cxx | 5 ++---
 src/net/SocketUtil.hxx | 4 ++++
 3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/event/ServerSocket.cxx b/src/event/ServerSocket.cxx
index 4e00ac41b..67919b913 100644
--- a/src/event/ServerSocket.cxx
+++ b/src/event/ServerSocket.cxx
@@ -184,6 +184,13 @@ OneServerSocket::Open()
 SOCK_STREAM, 0, address, 5);
+#ifdef HAVE_UN
+ /* allow everybody to connect */
+
+ if (!path.IsNull())
+ chmod(path.c_str(), 0666);
+#endif
+
 /* register in the EventLoop */
 SetFD(_fd.Release());
diff --git a/src/net/SocketUtil.cxx b/src/net/SocketUtil.cxx
index de2c25917..42962c0eb 100644
--- a/src/net/SocketUtil.cxx
+++ b/src/net/SocketUtil.cxx
@@ -34,11 +34,10 @@ socket_bind_listen(int domain, int type, int protocol,
 if (!fd.CreateNonBlock(domain, type, protocol)) throw MakeSocketError("Failed to create socket");
-
 #ifdef HAVE_UN
 if (domain == AF_UNIX) {
- /* allow everybody to connect */
- fchmod(fd.Get(), 0666);
+ /* Prevent access until right permissions are set */
+ fchmod(fd.Get(), 0);
 }
 #endif
diff --git a/src/net/SocketUtil.hxx b/src/net/SocketUtil.hxx
index a8ae998a4..b8a14ea4d 100644
--- a/src/net/SocketUtil.hxx
+++ b/src/net/SocketUtil.hxx
@@ -32,6 +32,10 @@ class SocketAddress;
 /**
  * Creates a socket listening on the specified address. This is a
  * shortcut for socket(), bind() and listen().
+ * When a unix socket is created (domain == AF_UNIX), its
+ * permissions will be stripped down to prevent unauthorized
+ * access. The caller is responsible to apply proper permissions
+ * at a later point.
  *
  * Throws #std::system_error on error.
  *
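Review bot: The return value of `chmod(path.c_str(), 0666)` in the added HAVE_UN block is ignored, and because this patch makes socket_bind_listen() set the socket mode to 0 first, a failed chmod() leaves a socket that no client can connect to, with no error reported. Testing it, e.g. `if (!path.IsNull() && chmod(path.c_str(), 0666) < 0)` followed by a thrown or logged errno, would make that failure visible. chmod() also resolves the path a second time and follows symlinks, so this step assumes the socket's directory is not writable by other users; a comment such as `/* path must live in a directory only we can write to */` would record that assumption. OneServerSocket::Open() begins and ends outside this hunk.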
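Review bot: `fchmod(fd.Get(), 0)` in the AF_UNIX branch is called without checking its result, so on a platform where fchmod() on an unbound socket fails or has no effect the socket node is created with the umask-derived mode and the window this patch is meant to close stays open. As far as I know only Linux carries the descriptor's mode over to the node that bind() creates, so the call should at least be checked, `if (fchmod(fd.Get(), 0) < 0) throw MakeSocketError("Failed to chmod socket");`, or the platform reliance stated in the comment. Setting a restrictive umask() around bind() would be the portable alternative, though it affects the whole process. The body of socket_bind_listen() continues outside the hunk.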
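Review bot: The added paragraph says the permissions are "stripped down" but not to what; the implementation in SocketUtil.cxx sets mode 0, so every AF_UNIX caller of socket_bind_listen() now gets a socket nobody can connect to until it calls chmod() itself. Stating that explicitly, e.g. ` * The socket file is created with mode 0; the caller must chmod() the path before clients can connect.`, would keep other callers from breaking silently. Only the caller in ServerSocket.cxx is updated in this patch; any other AF_UNIX callers are not visible here and should be checked. The doc comment continues past the end of the hunk.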