wg-quick: allow enumeration of socket files

These OSes have an unpriv'd ifconfig, so this isn't an even larger info
leak.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/src/wg-quick/darwin.bash b/src/wg-quick/darwin.bash
index d1c83c04ec5d6975b1d39621fe7999c993530cd1..8e0a71fdbd307cb97c1fa8bad83ea0d37ac882e7 100755 (executable)
--- a/src/wg-quick/darwin.bash
+++ b/src/wg-quick/darwin.bash
@@ -107,7 +107,7 @@ get_real_interface() {
 
 add_if() {
        export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name"
-       mkdir -m 0700 -p "/var/run/wireguard/"
+       mkdir -p "/var/run/wireguard/"
        cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" utun
        get_real_interface
 }

diff --git a/src/wg-quick/openbsd.bash b/src/wg-quick/openbsd.bash
index b8934d4bddb1fea9a27fcadf46f33ff081ed16f6..d37e250e2cb9defe07e0d5e71fd9f26681e4a64e 100755 (executable)
--- a/src/wg-quick/openbsd.bash
+++ b/src/wg-quick/openbsd.bash
@@ -98,7 +98,7 @@ get_real_interface() {
 
 add_if() {
        export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name"
-       mkdir -m 0700 -p "/var/run/wireguard/"
+       mkdir -p "/var/run/wireguard/"
        cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" tun
        get_real_interface
 }