On 2020/4/20 1:39, The Lee-Man wrote:
On Friday, April 17, 2020 at 2:08:57 AM UTC-7, Wu Bo wrote:
Hi,
Iscsid log damon is responsible for reading data from shared memory
and writing syslog. Iscsid is the root user group.
Currently, it is not seen that non-root users need to read logs.
The principle of minimizing the use of permissions, all the permissions
are changed from 644 to 600.
Signed-off-by: Wu Bo ...
---
usr/log.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/usr/log.c b/usr/log.c
index 6e16e7c..2fc1850 100644
--- a/usr/log.c
+++ b/usr/log.c
@@ -73,7 +73,7 @@ static int logarea_init (int size)
logdbg(stderr,"enter logarea_init\n");
if ((shmid = shmget(IPC_PRIVATE, sizeof(struct logarea),
- 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
+ 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
syslog(LOG_ERR, "shmget logarea failed %d", errno);
return 1;
}
@@ -93,7 +93,7 @@ static int logarea_init (int size)
size = DEFAULT_AREA_SIZE;
if ((shmid = shmget(IPC_PRIVATE, size,
- 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
+ 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
syslog(LOG_ERR, "shmget msg failed %d", errno);
free_logarea();
return 1;
@@ -114,7 +114,7 @@ static int logarea_init (int size)
la->tail = la->start;
if ((shmid = shmget(IPC_PRIVATE, MAX_MSG_SIZE + sizeof(struct
logmsg),
- 0644 | IPC_CREAT | IPC_EXCL)) == -1) {
+ 0600 | IPC_CREAT | IPC_EXCL)) == -1) {
syslog(LOG_ERR, "shmget logmsg failed %d", errno);
free_logarea();
return 1;
--
1.8.3.1
This looks good to me. Any chance you can make this a pull request for
open-iscsi/open-iscsi on github?
--
OK, I will submit a pull request for open-iscsi/open-iscsi on github.
Thanks
Wu Bo
--
You received this message because you are subscribed to the Google Groups
"open-iscsi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/open-iscsi/a2345d15-4c7d-4e02-5ee0-db6363c0a1ab%40huawei.com.
