From 7cec54455ac0f2cb02bf532c2acfabe682c10c2c Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Tue, 29 Aug 2023 16:14:28 -0500
Subject: [PATCH] Update console perms to 0600

Closes #4338

We should not give execute permissions to console output.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
 src/lxc/utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 2ccd6fb87..f445debd6 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1856,7 +1856,7 @@ int fix_stdio_permissions(uid_t uid)
 			continue;
 		}
 
-		ret = fchmod(std_fds[i], 0700);
+		ret = fchmod(std_fds[i], 0600);
 		if (ret) {
 			SYSTRACE("Failed to chmod standard I/O file descriptor %d", std_fds[i]);
 			fret = -1;
-- 
2.47.2