commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DAEMON-280) jsvc umask comparison wrong - fix attached
Date Fri, 22 Feb 2013 23:54:13 GMT

     [ https://issues.apache.org/jira/browse/DAEMON-280?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Sebb updated DAEMON-280:
------------------------

    Description: 
Current code does a bitwise AND with the supplied umask and decimal 022. 
This will pass on 022 but fail on most other, proper umasks like 077.

This is still present in 1.0.14

patch to fix is here:

{noformat}
--- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c	2013-02-06 13:15:58.000000000
-0500
+++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c	2013-02-22 13:19:08.937906780
-0500
@@ -1230,13 +1230,13 @@
     /*
      * umask() uses inverse logic; bits are CLEAR for allowed access.
      */
-    if (~args->umask & 0022) {
-        log_error("NOTICE: jsvc umask of %03o allows "
+    if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) {
+        log_error("NOTICE: jsvc umask of %04d allows "
                   "write permission to group and/or other", args->umask);
     }
     envmask = umask(args->umask);
     set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
-    log_debug("Switching umask back to %03o from %03o", envmask, args->umask);
+    log_debug("Switching umask back to %04d from %04d", envmask, args->umask);
     res = run_controller(args, data, uid, gid);
     if (logger_pid != 0) {
         kill(logger_pid, SIGTERM);
{noformat}


  was:
Current code does a bitwise AND with the supplied umask and decimal 022. 
This will pass on 022 but fail on most other, proper umasks like 077.

This is still present in 1.0.14

patch to fix is here:

--- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c	2013-02-06 13:15:58.000000000
-0500
+++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c	2013-02-22 13:19:08.937906780
-0500
@@ -1230,13 +1230,13 @@
     /*
      * umask() uses inverse logic; bits are CLEAR for allowed access.
      */
-    if (~args->umask & 0022) {
-        log_error("NOTICE: jsvc umask of %03o allows "
+    if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) {
+        log_error("NOTICE: jsvc umask of %04d allows "
                   "write permission to group and/or other", args->umask);
     }
     envmask = umask(args->umask);
     set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
-    log_debug("Switching umask back to %03o from %03o", envmask, args->umask);
+    log_debug("Switching umask back to %04d from %04d", envmask, args->umask);
     res = run_controller(args, data, uid, gid);
     if (logger_pid != 0) {
         kill(logger_pid, SIGTERM);



Preserve formatting
                
> jsvc umask comparison wrong - fix attached
> ------------------------------------------
>
>                 Key: DAEMON-280
>                 URL: https://issues.apache.org/jira/browse/DAEMON-280
>             Project: Commons Daemon
>          Issue Type: Bug
>          Components: Jsvc
>    Affects Versions: 1.0.13
>         Environment: linux x64 ubuntu 12.04
>            Reporter: Imre Fitos
>            Priority: Minor
>
> Current code does a bitwise AND with the supplied umask and decimal 022. 
> This will pass on 022 but fail on most other, proper umasks like 077.
> This is still present in 1.0.14
> patch to fix is here:
> {noformat}
> --- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c	2013-02-06 13:15:58.000000000
-0500
> +++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c	2013-02-22 13:19:08.937906780
-0500
> @@ -1230,13 +1230,13 @@
>      /*
>       * umask() uses inverse logic; bits are CLEAR for allowed access.
>       */
> -    if (~args->umask & 0022) {
> -        log_error("NOTICE: jsvc umask of %03o allows "
> +    if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) {
> +        log_error("NOTICE: jsvc umask of %04d allows "
>                    "write permission to group and/or other", args->umask);
>      }
>      envmask = umask(args->umask);
>      set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
> -    log_debug("Switching umask back to %03o from %03o", envmask, args->umask);
> +    log_debug("Switching umask back to %04d from %04d", envmask, args->umask);
>      res = run_controller(args, data, uid, gid);
>      if (logger_pid != 0) {
>          kill(logger_pid, SIGTERM);
> {noformat}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message