Explicitly restrict socket permissions.

* agent/gpg-agent.c (create_server_socket): Call chmod before listen. * scd/scdaemon.c (create_server_socket): Ditto. * dirmngr/dirmngr.c (main): Ditto. -- This is just in case of a improperly set umask. Note that a connect requires a write permissions.
2016-06-08 16:18:02 +02:00 · 2016-06-08 16:18:02 +02:00 · 8127043d54
parent 6790115fd9
commit 8127043d54
4 changed files with 13 additions and 1 deletions
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -1865,6 +1865,10 @@ create_server_socket (char *name, int primary, int cygwin,
      agent_exit (2);
    }

+  if (gnupg_chmod (unaddr->sun_path, "-rwx"))
+    log_error (_("can't set permissions of '%s': %s\n"),
+               unaddr->sun_path, strerror (errno));
+
  if (listen (FD2INT(fd), 5 ) == -1)
    {
      log_error (_("listen() failed: %s\n"), strerror (errno));
--- a/common/sysutils.c
+++ b/common/sysutils.c
@ -628,7 +628,7 @@ gnupg_mkdir (const char *name, const char *modestr)
 }


-/* A wrapper around mkdir which takes a string for the mode argument.
+/* A wrapper around chmod which takes a string for the mode argument.
   This makes it easier to handle the mode argument which is not
   defined on all systems.  The format of the modestring is the same
   as for gnupg_mkdir.  */
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@ -1183,6 +1183,10 @@ main (int argc, char **argv)
        }
      cleanup_socket = 1;

+      if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
+        log_error (_("can't set permissions of '%s': %s\n"),
+                   serv_addr.sun_path, strerror (errno));
+
      if (listen (FD2INT (fd), 5) == -1)
        {
          log_error (_("listen() failed: %s\n"), strerror (errno));
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@ -1112,6 +1112,10 @@ create_server_socket (const char *name, char **r_redir_name,
      scd_exit (2);
    }

+  if (gnupg_chmod (unaddr->sun_path, "-rwx"))
+    log_error (_("can't set permissions of '%s': %s\n"),
+               unaddr->sun_path, strerror (errno));
+
  if (listen (FD2INT(fd), 5 ) == -1)
    {
      log_error (_("listen() failed: %s\n"),