]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
stream-service-unix: Remove unnecessary execute permission from sockets
authorTobias Brunner <tobias@strongswan.org>
Thu, 15 Jan 2026 14:14:32 +0000 (15:14 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 6 Feb 2026 10:17:36 +0000 (11:17 +0100)
References strongswan/strongswan#2983

src/libstrongswan/networking/streams/stream_service_unix.c

index 43c05e376f1f1decd3450ffb6fcac9c384a4cd65..c1d8f57c824d4d3b0b355638c9b86dabff6ae0dd 100644 (file)
@@ -52,7 +52,7 @@ stream_service_t *stream_service_create_unix(char *uri, int backlog)
        }
        unlink(addr.sun_path);
 
-       old = umask(S_IRWXO);
+       old = umask(S_IXUSR | S_IXGRP | S_IRWXO);
        if (bind(fd, (struct sockaddr*)&addr, len) < 0)
        {
                DBG1(DBG_NET, "binding socket '%s' failed: %s", uri, strerror(errno));