On Friday, April 17, 2020 at 2:08:57 AM UTC-7, Wu Bo wrote:
>
> Hi,
>
> Iscsid log damon is responsible for reading data from shared memory
> and writing syslog. Iscsid is the root user group.
> Currently, it is not seen that non-root users need to read logs.
> The principle of minimizing the use of permissions, all the permissions
> are changed from 644 to 600.
>
> Signed-off-by: Wu Bo ...
> ---
> usr/log.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/usr/log.c b/usr/log.c
> index 6e16e7c..2fc1850 100644
> --- a/usr/log.c
> +++ b/usr/log.c
> @@ -73,7 +73,7 @@ static int logarea_init (int size)
> logdbg(stderr,"enter logarea_init\n");
>
> if ((shmid = shmget(IPC_PRIVATE, sizeof(struct logarea),
> - 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
> + 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
> syslog(LOG_ERR, "shmget logarea failed %d", errno);
> return 1;
> }
> @@ -93,7 +93,7 @@ static int logarea_init (int size)
> size = DEFAULT_AREA_SIZE;
>
> if ((shmid = shmget(IPC_PRIVATE, size,
> - 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
> + 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
> syslog(LOG_ERR, "shmget msg failed %d", errno);
> free_logarea();
> return 1;
> @@ -114,7 +114,7 @@ static int logarea_init (int size)
> la->tail = la->start;
>
> if ((shmid = shmget(IPC_PRIVATE, MAX_MSG_SIZE + sizeof(struct
> logmsg),
> - 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
> + 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
> syslog(LOG_ERR, "shmget logmsg failed %d", errno);
> free_logarea();
> return 1;
> --
> 1.8.3.1
>
>
This looks good to me. Any chance you can make this a pull request for
open-iscsi/open-iscsi on github?
--
You received this message because you are subscribed to the Google Groups
"open-iscsi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/open-iscsi/c4ca6d31-2fe4-4f7f-a822-8b951f8807a5%40googlegroups.com.
