Explicitly chmod AF_UNIX sockets to 0600 when *GroupWritable isn't specified
authorAndrea Shepard <andrea@torproject.org>
Tue, 13 Jan 2015 00:27:04 +0000 (00:27 +0000)
committerAndrea Shepard <andrea@torproject.org>
Tue, 13 Jan 2015 00:27:04 +0000 (00:27 +0000)
src/or/connection.c

index 0a7a6a882b5bf50172ff1112f4d0295254774131..a3c701981298cf387079f6326931f280e09d3b4a 100644 (file)
@@ -1244,6 +1244,16 @@ connection_listener_new(const struct sockaddr *listensockaddr,
         log_warn(LD_FS,"Unable to make %s group-writable.", address);
         goto err;
       }
+    } else if ((type == CONN_TYPE_CONTROL_LISTENER &&
+                !(options->ControlSocketsGroupWritable)) ||
+               (type == CONN_TYPE_AP_LISTENER &&
+                !(options->SocksSocketsGroupWritable))) {
+      /* We need to use chmod; fchmod doesn't work on sockets on all
+       * platforms. */
+      if (chmod(address, 0600) < 0) {
+        log_warn(LD_FS,"Unable to make %s group-writable.", address);
+        goto err;
+      }
     }
 
     if (listen(s, SOMAXCONN) < 0) {
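Review bot: The `log_warn` in the added branch still reads "Unable to make %s group-writable.", copied from the branch above, although this path restricts the socket to 0600; an operator who never set ControlSocketsGroupWritable or SocksSocketsGroupWritable would be pointed at the wrong option when the chmod fails. Suggest `log_warn(LD_FS,"Unable to restrict %s to mode 0600: %s", address, strerror(errno));` so the message names both the operation and the cause. Failing closed with `goto err` before `listen()` is the right behaviour and should stay. Because `chmod(address, ...)` acts on the path rather than on the bound descriptor, the result presumably depends on the socket's parent directory not being writable by other users; a one-line comment stating that assumption next to the existing fchmod remark would help. connection_listener_new starts and ends outside the hunk.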