This is an automated email from the ASF dual-hosted git repository.

abudnik pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit 515b239983e51dd06c8b5c347b4b739644113f8f
Author: Andrei Budnik <abud...@apache.org>
AuthorDate: Wed May 6 19:48:38 2020 +0200

    Changed permissions for domain sockets to allow non-root executors.
    
    Previously, the default permissions for domain sockets allowed
    r/w access only for the file's user, so an executor launched under
    a non-privileged user could not open the agent's socket. This patch
    adds r/w permissions for the group and other users to address
    the access problem.
    
    Review: https://reviews.apache.org/r/72478
---
 src/common/domain_sockets.hpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common/domain_sockets.hpp b/src/common/domain_sockets.hpp
index 6d2b0ab..630ea93 100644
--- a/src/common/domain_sockets.hpp
+++ b/src/common/domain_sockets.hpp
@@ -33,7 +33,7 @@ namespace internal {
 namespace common {
 
 constexpr size_t DOMAIN_SOCKET_MAX_PATH_LENGTH = 108;
-constexpr int DOMAIN_SOCKET_DEFAULT_MODE = 0600;
+constexpr int DOMAIN_SOCKET_DEFAULT_MODE = 0666;
 
 
 inline Try<process::network::unix::Socket> createDomainSocket(

Reply via email to