Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qrexec_agent: When running as root, make the socket accessible

Browse Source 
... world-rw. Perms on /var/run/qubes still limit access to group qubes.
This commit is contained in:
Rafal Wojtczuk 2011-03-25 13:47:01 +01:00
parent 57fd6c49bb
commit 5c10812e36
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
qrexec/qrexec_daemon.c
View File

@ -85,7 +85,6 @@ void init(int xid)
"/var/log/qubes/qrexec.%d.log", xid);
umask(0007);
logfd = open(dbg_log, O_WRONLY | O_CREAT | O_TRUNC, 0640);
umask(0077);
dup2(logfd, 1);
dup2(logfd, 2);
@ -98,7 +97,10 @@ void init(int xid)
remote_domain_name = peer_client_init(xid, REXEC_PORT);
setuid(getuid());
/* When running as root, make the socket accessible; perms on /var/run/qubes still apply */
umask(0);
server_fd = get_server_socket(xid, remote_domain_name);
umask(0077);
signal(SIGPIPE, SIG_IGN);
signal(SIGCHLD, sigchld_handler);
signal(SIGUSR1, SIG_DFL);