projects
/
platform
/
upstream
/
multipath-tools.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
15d4bdd
)
[multipathd] /var/run/multipathd.sock is world-writable
author
Hannes Reinecke
<hare@suse.de>
Wed, 1 Apr 2009 20:31:01 +0000
(22:31 +0200)
committer
Christophe Varoqui
<christophe.varoqui@free.fr>
Wed, 1 Apr 2009 20:31:01 +0000
(22:31 +0200)
Due to an stray 'umask()' the socket file is in fact world-writable,
allowing for an easy exploit.
References: 458598
multipathd/main.c
patch
|
blob
|
history
diff --git
a/multipathd/main.c
b/multipathd/main.c
index
8a1a63d
..
9957f1f
100644
(file)
--- a/
multipathd/main.c
+++ b/
multipathd/main.c
@@
-1454,8
+1454,9
@@
daemonize(void)
close(in_fd);
close(out_fd);
- chdir("/");
- umask(0);
+ if (chdir("/") < 0)
+ fprintf(stderr, "cannot chdir to '/', continuing\n");
+
return 0;
}