Date: Sun, 3 Mar 2013 00:10:38 +0100 From: Jilles Tjoelker <jilles@stack.nl> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: Konstantin Belousov <kostikbel@gmail.com>, Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>, freebsd-arch@FreeBSD.org Subject: Re: bindat(2) and connectat(2) syscalls for review. Message-ID: <20130302231038.GA70271@stack.nl> In-Reply-To: <20130217144321.GJ2023@garage.freebsd.pl> References: <20130213230354.GC1375@garage.freebsd.pl> <20130213232004.GA2522@kib.kiev.ua> <20130213234030.GD1375@garage.freebsd.pl> <20130214185549.GA36288@stack.nl> <86ip5saqiu.fsf@ds4.des.no> <20130216232039.GD2023@garage.freebsd.pl> <86y5enaan7.fsf@ds4.des.no> <20130217142038.GA55034@stack.nl> <20130217144321.GJ2023@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 17, 2013 at 03:43:22PM +0100, Pawel Jakub Dawidek wrote: > But if we are going to do that, it would be nice to have at least one > useful flag to use in there:) I have just found a candidate. In a kdump of tmux, there is a umask/bind/umask sequence. This is because unlike other calls that create files such as open(), mkdir(), mkfifo() and mknod(), the bind() function does not have a permissions argument. (symlink() has no permissions argument but that's because permissions do not matter for symlinks.) The umask/bind/umask sequence is not thread-safe. If the socket is to be accessible for the current user only, a good workaround is to create the socket in a mode 700 directory and not care about the permissions of the socket itself. If the socket is to be accessible for all users, some other filename can be bound, permissions corrected and then renamed to the expected name. In some cases, these workarounds may have to be combined. If we want a cleaner fix for this, it can be done with an extra bindat() argument, a setsockopt() or wider-ranging changes like a per-thread umask. Then again, it is apparently OK that not all filenames are accessible for binding and connecting sockets, so perhaps this is also OK. Some of these umask problems are shared with all other calls that create files. -- Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130302231038.GA70271>