Explicitly chmod AF_UNIX sockets to 0600 when *GroupWritable isn't specified

author: Andrea Shepard <andrea@torproject.org> 2015-01-13 00:27:04 +0000
committer: Andrea Shepard <andrea@torproject.org> 2015-01-13 00:27:04 +0000
commit: 066acaf6b9e5c38fc392e85c14457f338d3c1dff (patch)
tree: b5b8bb6250713a35e1da18b3c01fad476f38f0fd /src/or
parent: 4316bb601a95ebe6e8353cc0a795605889039fe3 (diff)
download: tor-066acaf6b9e5c38fc392e85c14457f338d3c1dff.tar.gz
tor-066acaf6b9e5c38fc392e85c14457f338d3c1dff.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/src/or/connection.c b/src/or/connection.c
index 0a7a6a882b..a3c7019812 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1244,6 +1244,16 @@ connection_listener_new(const struct sockaddr *listensockaddr,
         log_warn(LD_FS,"Unable to make %s group-writable.", address);
         goto err;
       }
+    } else if ((type == CONN_TYPE_CONTROL_LISTENER &&
+                !(options->ControlSocketsGroupWritable)) ||
+               (type == CONN_TYPE_AP_LISTENER &&
+                !(options->SocksSocketsGroupWritable))) {
+      /* We need to use chmod; fchmod doesn't work on sockets on all
+       * platforms. */
+      if (chmod(address, 0600) < 0) {
+        log_warn(LD_FS,"Unable to make %s group-writable.", address);
+        goto err;
+      }
     }
 
     if (listen(s, SOMAXCONN) < 0) {
author	Andrea Shepard <andrea@torproject.org>	2015-01-13 00:27:04 +0000
committer	Andrea Shepard <andrea@torproject.org>	2015-01-13 00:27:04 +0000
commit	066acaf6b9e5c38fc392e85c14457f338d3c1dff (patch)
tree	b5b8bb6250713a35e1da18b3c01fad476f38f0fd /src/or
parent	4316bb601a95ebe6e8353cc0a795605889039fe3 (diff)
download	tor-066acaf6b9e5c38fc392e85c14457f338d3c1dff.tar.gz tor-066acaf6b9e5c38fc392e85c14457f338d3c1dff.zip