commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Imre Fitos (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DAEMON-280) jsvc umask comparison wrong - fix attached
Date Fri, 22 Feb 2013 18:42:13 GMT
Imre Fitos created DAEMON-280:
---------------------------------

             Summary: jsvc umask comparison wrong - fix attached
                 Key: DAEMON-280
                 URL: https://issues.apache.org/jira/browse/DAEMON-280
             Project: Commons Daemon
          Issue Type: Bug
          Components: Jsvc
    Affects Versions: 1.0.13
         Environment: linux x64 ubuntu 12.04
            Reporter: Imre Fitos
            Priority: Minor


Current code does a bitwise AND with the supplied umask and decimal 022. 
This will pass on 022 but fail on most other, proper umasks like 077.

This is still present in 1.0.14

patch to fix is here:

--- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c	2013-02-06 13:15:58.000000000
-0500
+++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c	2013-02-22 13:19:08.937906780
-0500
@@ -1230,13 +1230,13 @@
     /*
      * umask() uses inverse logic; bits are CLEAR for allowed access.
      */
-    if (~args->umask & 0022) {
-        log_error("NOTICE: jsvc umask of %03o allows "
+    if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) {
+        log_error("NOTICE: jsvc umask of %04d allows "
                   "write permission to group and/or other", args->umask);
     }
     envmask = umask(args->umask);
     set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
-    log_debug("Switching umask back to %03o from %03o", envmask, args->umask);
+    log_debug("Switching umask back to %04d from %04d", envmask, args->umask);
     res = run_controller(args, data, uid, gid);
     if (logger_pid != 0) {
         kill(logger_pid, SIGTERM);


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message