[
https://issues.apache.org/jira/browse/DAEMON-280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13584974#comment-13584974
]
Imre Fitos edited comment on DAEMON-280 at 2/23/13 2:59 AM:
------------------------------------------------------------
Use "-umask 0077" as an argument and you will see the error message "NOTICE:
jsvc umask of 077 allows write permission to group and/or other"
You made a good point: Currently src/native/unix/native/arguments.c line 284
stores the '-umask' value using atoi which uses base 10. Wouldn't this work if
the command line umask supplied was treated as octal instead?
Patch to read umask in octal is here:
{noformat}
--- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/arguments.c
2013-02-06 13:15:58.000000000 -0500
+++ commons-daemon-1.0.13-src/src/native/unix/native/arguments.c
2013-02-22 21:39:10.979848841 -0500
@@ -281,7 +281,7 @@
log_error("Invalid umask specified");
return NULL;
}
- args->umask = atoi(temp);
+ args->umask = strtol(temp, NULL, 8);
if (args->umask < 02) {
log_error("Invalid umask specified (min=02)");
return NULL;
{noformat}
was (Author: imre.fitos):
Use "-umask 0077" as an argument and you will see the error message
"NOTICE: jsvc umask of 077 allows write permission to group and/or other"
You made a good point: Currently src/native/unix/native/arguments.c line 284
stores the '-umask' value using atoi which uses base 10. Wouldn't this work if
the command line umask supplied was treated as octal instead?
Patch to read umask in octal is here:
{{
--- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/arguments.c
2013-02-06 13:15:58.000000000 -0500
+++ commons-daemon-1.0.13-src/src/native/unix/native/arguments.c
2013-02-22 21:39:10.979848841 -0500
@@ -281,7 +281,7 @@
log_error("Invalid umask specified");
return NULL;
}
- args->umask = atoi(temp);
+ args->umask = strtol(temp, NULL, 8);
if (args->umask < 02) {
log_error("Invalid umask specified (min=02)");
return NULL;
}}
> jsvc umask comparison wrong - fix attached
> ------------------------------------------
>
> Key: DAEMON-280
> URL: https://issues.apache.org/jira/browse/DAEMON-280
> Project: Commons Daemon
> Issue Type: Bug
> Components: Jsvc
> Affects Versions: 1.0.13
> Environment: linux x64 ubuntu 12.04
> Reporter: Imre Fitos
> Priority: Minor
>
> Current code does a bitwise AND with the supplied umask and decimal 022.
> This will pass on 022 but fail on most other, proper umasks like 077.
> This is still present in 1.0.14
> patch to fix is here:
> {noformat}
> --- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c
> 2013-02-06 13:15:58.000000000 -0500
> +++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c
> 2013-02-22 13:19:08.937906780 -0500
> @@ -1230,13 +1230,13 @@
> /*
> * umask() uses inverse logic; bits are CLEAR for allowed access.
> */
> - if (~args->umask & 0022) {
> - log_error("NOTICE: jsvc umask of %03o allows "
> + if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) {
> + log_error("NOTICE: jsvc umask of %04d allows "
> "write permission to group and/or other", args->umask);
> }
> envmask = umask(args->umask);
> set_output(args->outfile, args->errfile, args->redirectstdin,
> args->procname);
> - log_debug("Switching umask back to %03o from %03o", envmask,
> args->umask);
> + log_debug("Switching umask back to %04d from %04d", envmask,
> args->umask);
> res = run_controller(args, data, uid, gid);
> if (logger_pid != 0) {
> kill(logger_pid, SIGTERM);
> {noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
