You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by mt...@apache.org on 2010/10/16 13:21:22 UTC
svn commit: r1023247 - in /commons/proper/daemon/trunk/src/native/unix:
Makedefs.in native/jsvc-unix.c
Author: mturk
Date: Sat Oct 16 11:21:22 2010
New Revision: 1023247
URL: http://svn.apache.org/viewvc?rev=1023247&view=rev
Log:
DAEMON-178: Allow to shoot yourself in the foot. However, a compile time directive is needed
Modified:
commons/proper/daemon/trunk/src/native/unix/Makedefs.in
commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c
Modified: commons/proper/daemon/trunk/src/native/unix/Makedefs.in
URL: http://svn.apache.org/viewvc/commons/proper/daemon/trunk/src/native/unix/Makedefs.in?rev=1023247&r1=1023246&r2=1023247&view=diff
==============================================================================
--- commons/proper/daemon/trunk/src/native/unix/Makedefs.in (original)
+++ commons/proper/daemon/trunk/src/native/unix/Makedefs.in Sat Oct 16 11:21:22 2010
@@ -31,4 +31,4 @@ LDCMD = @LDCMD@
STRIP = @STRIP@
.c.o:
- $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@
+ $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDES) -c $< -o $@
Modified: commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c
URL: http://svn.apache.org/viewvc/commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c?rev=1023247&r1=1023246&r2=1023247&view=diff
==============================================================================
--- commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c (original)
+++ commons/proper/daemon/trunk/src/native/unix/native/jsvc-unix.c Sat Oct 16 11:21:22 2010
@@ -45,7 +45,9 @@
#define F_ULOCK 0 /* Unlock a previously locked region */
#define F_LOCK 1 /* Lock a region for exclusive use */
#endif
-
+#ifndef JSVC_UMASK
+#define JSVC_UMASK 0077
+#endif
extern char **environ;
static mode_t envmask; /* mask to create the files */
@@ -1024,7 +1026,14 @@ int main(int argc, char *argv[])
#endif
}
- envmask = umask(0077);
+ /*
+ * umask() uses inverse logic; bits are CLEAR for allowed access.
+ */
+ if ((~JSVC_UMASK) & 0022) {
+ log_error("NOTICE: jsvc umask of %03o allows "
+ "write permission to group and/or other", JSVC_UMASK);
+ }
+ envmask = umask(JSVC_UMASK);
set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
res = run_controller(args, data, uid, gid);