You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@commons.apache.org by mt...@apache.org on 2010/10/16 13:21:22 UTC

svn commit: r1023247 - in /commons/proper/daemon/trunk/src/native/unix: Makedefs.in native/jsvc-unix.c

Author: mturk
Date: Sat Oct 16 11:21:22 2010
New Revision: 1023247

URL: http://svn.apache.org/viewvc?rev=1023247&view=rev
Log:
DAEMON-178: Allow to shoot yourself in the foot. However, a compile time directive is needed

Modified:
    commons/proper/daemon/trunk/src/native/unix/Makedefs.in
    commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c

Modified: commons/proper/daemon/trunk/src/native/unix/Makedefs.in
URL: http://svn.apache.org/viewvc/commons/proper/daemon/trunk/src/native/unix/Makedefs.in?rev=1023247&r1=1023246&r2=1023247&view=diff
==============================================================================
--- commons/proper/daemon/trunk/src/native/unix/Makedefs.in (original)
+++ commons/proper/daemon/trunk/src/native/unix/Makedefs.in Sat Oct 16 11:21:22 2010
@@ -31,4 +31,4 @@ LDCMD = @LDCMD@
 STRIP = @STRIP@
 
 .c.o:
-	$(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@
+	$(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDES) -c $< -o $@

Modified: commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c
URL: http://svn.apache.org/viewvc/commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c?rev=1023247&r1=1023246&r2=1023247&view=diff
==============================================================================
--- commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c (original)
+++ commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c Sat Oct 16 11:21:22 2010
@@ -45,7 +45,9 @@
 #define F_ULOCK 0               /* Unlock a previously locked region */
 #define F_LOCK  1               /* Lock a region for exclusive use */
 #endif
-
+#ifndef JSVC_UMASK
+#define JSVC_UMASK 0077
+#endif
 extern char **environ;
 
 static mode_t envmask;          /* mask to create the files */
@@ -1024,7 +1026,14 @@ int main(int argc, char *argv[])
 #endif
     }
 
-    envmask = umask(0077);
+    /*
+     * umask() uses inverse logic; bits are CLEAR for allowed access.
+     */
+    if ((~JSVC_UMASK) & 0022) {
+        log_error("NOTICE: jsvc umask of %03o allows "
+                  "write permission to group and/or other", JSVC_UMASK);
+    }
+    envmask = umask(JSVC_UMASK);
     set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
 
     res = run_controller(args, data, uid, gid);