Return-Path: X-Original-To: apmail-commons-issues-archive@minotaur.apache.org Delivered-To: apmail-commons-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6B534E876 for ; Fri, 22 Feb 2013 23:54:14 +0000 (UTC) Received: (qmail 54200 invoked by uid 500); 22 Feb 2013 23:54:14 -0000 Delivered-To: apmail-commons-issues-archive@commons.apache.org Received: (qmail 54063 invoked by uid 500); 22 Feb 2013 23:54:14 -0000 Mailing-List: contact issues-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: issues@commons.apache.org Delivered-To: mailing list issues@commons.apache.org Received: (qmail 53981 invoked by uid 99); 22 Feb 2013 23:54:13 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Feb 2013 23:54:13 +0000 Date: Fri, 22 Feb 2013 23:54:13 +0000 (UTC) From: "Sebb (JIRA)" To: issues@commons.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (DAEMON-280) jsvc umask comparison wrong - fix attached MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DAEMON-280?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sebb updated DAEMON-280: ------------------------ Description: Current code does a bitwise AND with the supplied umask and decimal 022. This will pass on 022 but fail on most other, proper umasks like 077. This is still present in 1.0.14 patch to fix is here: {noformat} --- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c 2013-02-06 13:15:58.000000000 -0500 +++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c 2013-02-22 13:19:08.937906780 -0500 @@ -1230,13 +1230,13 @@ /* * umask() uses inverse logic; bits are CLEAR for allowed access. */ - if (~args->umask & 0022) { - log_error("NOTICE: jsvc umask of %03o allows " + if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) { + log_error("NOTICE: jsvc umask of %04d allows " "write permission to group and/or other", args->umask); } envmask = umask(args->umask); set_output(args->outfile, args->errfile, args->redirectstdin, args->procname); - log_debug("Switching umask back to %03o from %03o", envmask, args->umask); + log_debug("Switching umask back to %04d from %04d", envmask, args->umask); res = run_controller(args, data, uid, gid); if (logger_pid != 0) { kill(logger_pid, SIGTERM); {noformat} was: Current code does a bitwise AND with the supplied umask and decimal 022. This will pass on 022 but fail on most other, proper umasks like 077. This is still present in 1.0.14 patch to fix is here: --- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c 2013-02-06 13:15:58.000000000 -0500 +++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c 2013-02-22 13:19:08.937906780 -0500 @@ -1230,13 +1230,13 @@ /* * umask() uses inverse logic; bits are CLEAR for allowed access. */ - if (~args->umask & 0022) { - log_error("NOTICE: jsvc umask of %03o allows " + if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) { + log_error("NOTICE: jsvc umask of %04d allows " "write permission to group and/or other", args->umask); } envmask = umask(args->umask); set_output(args->outfile, args->errfile, args->redirectstdin, args->procname); - log_debug("Switching umask back to %03o from %03o", envmask, args->umask); + log_debug("Switching umask back to %04d from %04d", envmask, args->umask); res = run_controller(args, data, uid, gid); if (logger_pid != 0) { kill(logger_pid, SIGTERM); Preserve formatting > jsvc umask comparison wrong - fix attached > ------------------------------------------ > > Key: DAEMON-280 > URL: https://issues.apache.org/jira/browse/DAEMON-280 > Project: Commons Daemon > Issue Type: Bug > Components: Jsvc > Affects Versions: 1.0.13 > Environment: linux x64 ubuntu 12.04 > Reporter: Imre Fitos > Priority: Minor > > Current code does a bitwise AND with the supplied umask and decimal 022. > This will pass on 022 but fail on most other, proper umasks like 077. > This is still present in 1.0.14 > patch to fix is here: > {noformat} > --- commons-daemon-1.0.13-src-ORIG/src/native/unix/native/jsvc-unix.c 2013-02-06 13:15:58.000000000 -0500 > +++ commons-daemon-1.0.13-src/src/native/unix/native/jsvc-unix.c 2013-02-22 13:19:08.937906780 -0500 > @@ -1230,13 +1230,13 @@ > /* > * umask() uses inverse logic; bits are CLEAR for allowed access. > */ > - if (~args->umask & 0022) { > - log_error("NOTICE: jsvc umask of %03o allows " > + if ((~(args->umask % 10) & 2) || (~(args->umask / 10) & 2)) { > + log_error("NOTICE: jsvc umask of %04d allows " > "write permission to group and/or other", args->umask); > } > envmask = umask(args->umask); > set_output(args->outfile, args->errfile, args->redirectstdin, args->procname); > - log_debug("Switching umask back to %03o from %03o", envmask, args->umask); > + log_debug("Switching umask back to %04d from %04d", envmask, args->umask); > res = run_controller(args, data, uid, gid); > if (logger_pid != 0) { > kill(logger_pid, SIGTERM); > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira