In the unlikely case that mdmon is started with an overly
permissive umask, we don't want to risk giving away world acccess.
All other "mkdir" and "O_CREAT" calls in mdmon and mdadm set
a suitably restrictive permission mask. 'bind' don't take an
explicit mask so it needs an implicit one.
Reported-by: Vincent Berg <vberg@ioactive.com>
Signed-off-by: NeilBrown <neilb@suse.de>
addr.sun_family = PF_LOCAL;
strcpy(addr.sun_path, path);
+ umask(077); /* ensure no world write access */
if (bind(sfd, &addr, sizeof(addr)) < 0) {
close(sfd);
return -1;