mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
Explicitly restrict socket permissions.
* agent/gpg-agent.c (create_server_socket): Call chmod before listen. * scd/scdaemon.c (create_server_socket): Ditto. * dirmngr/dirmngr.c (main): Ditto. -- This is just in case of a improperly set umask. Note that a connect requires a write permissions.
This commit is contained in:
Werner Koch
parent
6790115fd9
commit
8127043d54
4 changed files with 13 additions and 1 deletions
|
|
@ -1112,6 +1112,10 @@ create_server_socket (const char *name, char **r_redir_name,
|
|||
scd_exit (2);
|
||||
}
|
||||
|
||||
if (gnupg_chmod (unaddr->sun_path, "-rwx"))
|
||||
log_error (_("can't set permissions of '%s': %s\n"),
|
||||
unaddr->sun_path, strerror (errno));
|
||||
|
||||
if (listen (FD2INT(fd), 5 ) == -1)
|
||||
{
|
||||
log_error (_("listen() failed: %s\n"),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue