Merge pull request #173 from pkalever/perms2

uds: set right permissions at bind() time
author: Maurizio Lombardi <mlombard@redhat.com> 2020-06-04 10:26:44 +0200
committer: GitHub <noreply@github.com> 2020-06-04 10:26:44 +0200
commit: 3266f185ba013b1ed4570ddb20bf87dd3beb07b3 (patch)
tree: ce5a63643d0812ee6fac0a66963ee5383be509c1
parent: bab9fc16236c4aceade31e95327bc7b493bb157a (diff)
parent: e347f7ea20547052e8fc1b65cba5e3f3ef2bf3d8 (diff)
download: targetcli-3266f185ba013b1ed4570ddb20bf87dd3beb07b3.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/daemon/targetclid b/daemon/targetclid
index 329cede..9bf8ae7 100755
--- a/daemon/targetclid
+++ b/daemon/targetclid
@@ -28,6 +28,7 @@ from threading import Thread
 
 import os
 import sys
+import stat
 import socket
 import struct
 import fcntl
@@ -238,12 +239,17 @@ def main():
         # save socket so a signal can clea it up
         to.sock = sock
 
+        mode = stat.S_IRUSR | stat.S_IWUSR # 0o600
+        umask = 0o777 ^ mode  # Prevents always downgrading umask to 0
+        umask_original = os.umask(umask)
         # Bind the socket path
         try:
             sock.bind(to.socket_path)
         except socket.error as err:
             to.display(to.render(err.strerror, 'red'))
             sys.exit(1)
+        finally:
+            os.umask(umask_original)
 
         # Listen for incoming connections
         try:
author	Maurizio Lombardi <mlombard@redhat.com>	2020-06-04 10:26:44 +0200
committer	GitHub <noreply@github.com>	2020-06-04 10:26:44 +0200
commit	3266f185ba013b1ed4570ddb20bf87dd3beb07b3 (patch)
tree	ce5a63643d0812ee6fac0a66963ee5383be509c1
parent	bab9fc16236c4aceade31e95327bc7b493bb157a (diff)
parent	e347f7ea20547052e8fc1b65cba5e3f3ef2bf3d8 (diff)
download	targetcli-3266f185ba013b1ed4570ddb20bf87dd3beb07b3.tar.gz