projects / platform / upstream / multipath-tools.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 15d4bdd)
[multipathd] /var/run/multipathd.sock is world-writable
authorHannes Reinecke <hare@suse.de>
Wed, 1 Apr 2009 20:31:01 +0000 (22:31 +0200)
committerChristophe Varoqui <christophe.varoqui@free.fr>
Wed, 1 Apr 2009 20:31:01 +0000 (22:31 +0200)
Due to an stray 'umask()' the socket file is in fact world-writable,
allowing for an easy exploit.

References: 458598

multipathd/main.c patch | blob | history

diff --git a/multipathd/main.c b/multipathd/main.c
index 8a1a63d..9957f1f 100644 (file)
--- a/multipathd/main.c
+++ b/multipathd/main.c
@@ -1454,8 +1454,9 @@ daemonize(void)
 
        close(in_fd);
        close(out_fd);
-       chdir("/");
-       umask(0);
+       if (chdir("/") < 0)
+               fprintf(stderr, "cannot chdir to '/', continuing\n");
+
        return 0;
 }
 
Domain: System / Base;