Repository: trafficserver Updated Branches: refs/heads/master 6b9bf1cac -> 81e843f78
[TS-2421] MultiCache could theoretically create world-writeable files. This is masked (pun intended) by system default umask's. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/81e843f7 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/81e843f7 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/81e843f7 Branch: refs/heads/master Commit: 81e843f789d7e4ac9d473edf084184da77e67cce Parents: 6b9bf1c Author: Leif Hedstrom <[email protected]> Authored: Tue Jan 20 15:23:51 2015 -0700 Committer: Leif Hedstrom <[email protected]> Committed: Tue Jan 20 15:29:43 2015 -0700 ---------------------------------------------------------------------- CHANGES | 3 +++ iocore/hostdb/MultiCache.cc | 4 +--- 2 files changed, 4 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/81e843f7/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 4631442..a1fb46a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@ -*- coding: utf-8 -*- Changes with Apache Traffic Server 5.3.0 + *) [TS-2421] MultiCache could theoretically create world-writeable + files. This is masked (pun intended) by system default umask's. + *) [TS-3308] We need an explicit -lpthread (when available) for ASAN builds to succeed. http://git-wip-us.apache.org/repos/asf/trafficserver/blob/81e843f7/iocore/hostdb/MultiCache.cc ---------------------------------------------------------------------- diff --git a/iocore/hostdb/MultiCache.cc b/iocore/hostdb/MultiCache.cc index aa0aecf..bac792d 100644 --- a/iocore/hostdb/MultiCache.cc +++ b/iocore/hostdb/MultiCache.cc @@ -548,9 +548,7 @@ MultiCacheBase::write_config(const char *config_filename, int nominal_size, int Layout::relative_to(p, sizeof(p), rundir, config_filename); - // XXX: Shouldn't that be 0664? - // - if ((fd =::open(p, O_CREAT | O_WRONLY | O_TRUNC, 0666)) >= 0) { + if ((fd =::open(p, O_CREAT | O_WRONLY | O_TRUNC, 0644)) >= 0) { snprintf(buf, sizeof(buf) - 1, "%d\n%d\n%d\n", nominal_size, abuckets, heap_size); buf[sizeof(buf) - 1] = 0; if (ink_file_fd_writestring(fd, buf) != -1 && store->write(fd, filename) >= 0)
