[lxc-devel] [PATCH] lxc-monitord.log should not be created with mode 0666

Dwight Engen dwight.engen at oracle.com
Tue Jan 28 15:22:36 UTC 2014


On Tue, 28 Jan 2014 12:01:54 +0100
Robert Vogelgesang <vogel at users.sourceforge.net> wrote:

> lxc_monitord_spawn() in src/lxc/monitor.c contained "umask(0);", and
> because of this, lxc-monitord created lxc-monitord.log with mode 0666.
> World-writeable log files are bad, so remove this umask(0).

I don't have a problem with this change per se, but I think the reason
the log is 0666 is because that is the mode passed in log.c:log_open().
Did your change actually have the effect you were after?

If we don't want logs world readable then I'd suggest we should change
the mode in log_open() so it takes effect for all lxc logs.

> Signed-off-by: Robert Vogelgesang <vogel at users.sourceforge.net>
> 
> diff -u lxc-lxc-1.0.0.beta3/src/lxc/monitor.c.orig
> lxc-lxc-1.0.0.beta3/src/lxc/monitor.c ---
> lxc-lxc-1.0.0.beta3/src/lxc/monitor.c.orig	2014-01-27
> 14:52:20.000000000 +0100 +++
> lxc-lxc-1.0.0.beta3/src/lxc/monitor.c	2014-01-28
> 11:57:26.692102355 +0100 @@ -325,7 +325,6 @@ exit(EXIT_SUCCESS); }
>  
> -	umask(0);
>  	if (setsid() < 0) {
>  		SYSERROR("failed to setsid");
>  		exit(EXIT_FAILURE);
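
Review bot: dropping `umask(0);` ahead of `setsid()` leaves the daemon with whatever umask its caller had, so the mode of lxc-monitord.log is no longer decided in this function; a caller running with umask 0 still gets a 0666 file. Consider setting an explicit mask at this point instead of removing the call (for example `umask(0022);`), or lowering the mode requested where the log is opened, which the reply above says is 0666 in log.c:log_open(). The commit message should also state the resulting mode and whether a log file that already exists keeps its old permissions.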
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
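
The question raised in this thread (which of the umask and the mode passed at open time decides the log file's permissions) can be checked directly. The following is an added example, not code from the thread or from the LXC source; `created_mode()`, the scratch directory and the file name are hypothetical, and the open flags are an assumption rather than what log_open() uses.

```c
#define _DEFAULT_SOURCE 1	/* for mkdtemp() */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a new file with the requested mode while the given umask is in
 * effect and return the permission bits it ends up with (-1 on error).
 * The kernel applies: effective = requested & ~umask. */
static int created_mode(mode_t mask, mode_t requested)
{
	char dir[] = "/tmp/umask-demo-XXXXXX";	/* constructed scratch dir */
	char path[64];
	struct stat st;
	mode_t old;
	int fd, result = -1;

	if (!mkdtemp(dir))			/* private 0700 directory */
		return -1;
	snprintf(path, sizeof(path), "%s/demo.log", dir);

	old = umask(mask);			/* mask under test */
	fd = open(path, O_CREAT | O_EXCL | O_WRONLY, requested);
	umask(old);				/* restore caller's mask */

	if (fd >= 0) {
		if (fstat(fd, &st) == 0)
			result = (int)(st.st_mode & 0777);
		close(fd);
		unlink(path);
	}
	rmdir(dir);
	return result;
}

int main(void)
{
	/* umask(0) plus a 0666 request: world-writable, as reported. */
	printf("umask 0000, mode 0666 -> %04o\n", created_mode(0000, 0666));
	/* Inherited umask 0022: the same request yields 0644. */
	printf("umask 0022, mode 0666 -> %04o\n", created_mode(0022, 0666));
	/* Restrictive request: safe even if the umask is 0. */
	printf("umask 0000, mode 0640 -> %04o\n", created_mode(0000, 0640));
	return 0;
}
```

The mode argument only applies when the file is created; a log that already exists with mode 0666 keeps those bits until it is removed or its mode is changed.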


