diff options
| author |   nicm <nicm@openbsd.org> | 2020-03-12 09:26:34 +0000 |
|---|---|---|
| committer | nicm <nicm@openbsd.org> | 2020-03-12 09:26:34 +0000 |
| commit | b6d7e0c74f46bf3ef1f5f2a60099a0fc6e8c9eb6 (patch) | |
| tree | cb5682957ea17b17c739b06ba9a26992663a24b7 /usr.bin/tmux/server.c | |
| parent | Fix unlimited recursion caused by local outbound bcast/mcast packet (diff) | |
| download | wireguard-openbsd-b6d7e0c74f46bf3ef1f5f2a60099a0fc6e8c9eb6.tar.xz wireguard-openbsd-b6d7e0c74f46bf3ef1f5f2a60099a0fc6e8c9eb6.zip | |
When the server socket is given by the user with -S, create it with
umask 177 instead of 117 because it may not be in a safe directory like
the default directory in /tmp. The user can chmod it more open after it
is created if they want.
Diffstat (limited to 'usr.bin/tmux/server.c')
| -rw-r--r-- | usr.bin/tmux/server.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/usr.bin/tmux/server.c b/usr.bin/tmux/server.c index 9790bf0bb0b..67ecdb08767 100644 --- a/usr.bin/tmux/server.c +++ b/usr.bin/tmux/server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server.c,v 1.187 2019/06/20 06:51:36 nicm Exp $ */ +/* $OpenBSD: server.c,v 1.188 2020/03/12 09:26:34 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com> @@ -45,6 +45,7 @@ struct clients clients; struct tmuxproc *server_proc; static int server_fd = -1; +static int server_client_flags; static int server_exit; static struct event server_ev_accept; @@ -98,7 +99,7 @@ server_check_marked(void) /* Create server socket. */ static int -server_create_socket(char **cause) +server_create_socket(int flags, char **cause) { struct sockaddr_un sa; size_t size; @@ -117,7 +118,10 @@ server_create_socket(char **cause) if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) goto fail; - mask = umask(S_IXUSR|S_IXGRP|S_IRWXO); + if (flags & CLIENT_DEFAULTSOCKET) + mask = umask(S_IXUSR|S_IXGRP|S_IRWXO); + else + mask = umask(S_IXUSR|S_IRWXG|S_IRWXO); if (bind(fd, (struct sockaddr *)&sa, sizeof sa) == -1) { saved_errno = errno; close(fd); @@ -146,8 +150,8 @@ fail: /* Fork new server. */ int -server_start(struct tmuxproc *client, struct event_base *base, int lockfd, - char *lockfile) +server_start(struct tmuxproc *client, int flags, struct event_base *base, + int lockfd, char *lockfile) { int pair[2]; sigset_t set, oldset; @@ -156,6 +160,7 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd, if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) != 0) fatal("socketpair failed"); + server_client_flags = flags; sigfillset(&set); sigprocmask(SIG_BLOCK, &set, &oldset); @@ -193,7 +198,7 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd, gettimeofday(&start_time, NULL); - server_fd = server_create_socket(&cause); + server_fd = server_create_socket(flags, &cause); if (server_fd != -1) server_update_socket(); c = server_client_create(pair[1]); @@ -396,7 +401,7 @@ server_signal(int sig) break; case SIGUSR1: event_del(&server_ev_accept); - fd = server_create_socket(NULL); + fd = server_create_socket(server_client_flags, NULL); if (fd != -1) { close(server_fd); server_fd = fd; |