* fhandler_socket.cc (adjust_socket_file_mode): New inline function.

(fhandler_socket::fchmod): Squeeze mode through adjust_socket_file_mode before using it. (fhandler_socket::bind): Ditto.
2007-05-15 16:33:20 +00:00 · 2007-05-15 16:33:20 +00:00 · f9a963b8a0
parent 90c2ba7806
commit f9a963b8a0
2 changed files with 24 additions and 4 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,4 +1,11 @@
-007-03-19  Ryan C. Gordon  <icculus@icculus.org>
+2007-05-15  Corinna Vinschen  <corinna@vinschen.de>
+
+	* fhandler_socket.cc (adjust_socket_file_mode): New inline function.
+	(fhandler_socket::fchmod): Squeeze mode through adjust_socket_file_mode
+	before using it.
+	(fhandler_socket::bind): Ditto.
+
+2007-03-19  Ryan C. Gordon  <icculus@icculus.org>

 	* path.cc (fs_info::update): Set and use is_cdrom.
 	* path.cc (fillout_mntent): Set ret.mnt_type to something more
@ -10,7 +17,7 @@
 	* path.h (class path_conv): Add fs_is_cdrom method.  Add missing
 	fs_is_netapp method.

-007-05-14  Eric Blake  <ebb9@byu.net>
+2007-05-14  Eric Blake  <ebb9@byu.net>

 	* cygwin.din (asnprintf, dprint, _Exit, vasnprintf, vdprintf): Export.
 	* include/cygwin/version.h: Bump API minor number.
--- a/winsup/cygwin/fhandler_socket.cc
+++ b/winsup/cygwin/fhandler_socket.cc
@ -50,6 +50,18 @@ int sscanf (const char *, const char *, ...);

 fhandler_dev_random* entropy_source;

+static inline mode_t
+adjust_socket_file_mode (mode_t mode)
+{
+  /* Kludge: Don't allow to remove read bit on socket files for
+     user/group/other, if the accompanying write bit is set.  It would
+     be nice to have exact permissions on a socket file, but it's
+     necessary that somebody able to access the socket can always read
+     the contents of the socket file to avoid spurious "permission
+     denied" messages. */
+  return mode | ((mode & (S_IWUSR | S_IWGRP | S_IWOTH)) << 1);
+}
+
 /* cygwin internal: map sockaddr into internet domain address */
 static int
 get_inet_addr (const struct sockaddr *in, int inlen,
@ -687,7 +699,7 @@ fhandler_socket::fchmod (mode_t mode)
    {
      fhandler_disk_file fh (pc);
      fh.get_device () = FH_FS;
-      int ret = fh.fchmod (mode);
+      int ret = fh.fchmod (adjust_socket_file_mode (mode));
      SetFileAttributes	(pc, GetFileAttributes (pc) | FILE_ATTRIBUTE_SYSTEM);
      return ret;
    }
@ -799,7 +811,8 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen)
 	  set_errno (EADDRINUSE);
 	  goto out;
 	}
-      mode_t mode = (S_IRWXU | S_IRWXG | S_IRWXO) & ~cygheap->umask;
+      mode_t mode = adjust_socket_file_mode ((S_IRWXU | S_IRWXG | S_IRWXO)
+					     & ~cygheap->umask);
      DWORD attr = FILE_ATTRIBUTE_SYSTEM;
      if (!(mode & (S_IWUSR | S_IWGRP | S_IWOTH)))
 	attr |= FILE_ATTRIBUTE_READONLY;