httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <gst...@lyra.org>
Subject Re: [PATCH] addition of suexec umask setting
Date Mon, 10 Jan 2000 23:39:23 GMT
On Mon, 10 Jan 2000, Jim Jagielski wrote:
> Greg Stein wrote:
> > On Mon, 10 Jan 2000, Rodent of Unusual Size wrote:
> > >...
> > > +#ifdef SUEXEC_UMASK
> > > +    if ((SUEXEC_UMASK & 0022) == 0) {
> > > +       log_err("notice: SUEXEC_UMASK of %03o allows "
> > > +               "write permission to group and/or other\n", SUEXEC_UMASK);
> > > +    }
> > > +    umask(SUEXEC_UMASK);
> > > +#endif /* SUEXEC_UMASK */
> > 
> > If the umask is 0020, then the above notice is not issued. The notice only
> > shows up if group AND other permission is enabled. I think the test should
> > be:
> > 
> >   if ((SUEXEC_UMASK & 0022) != 0022) {
> > 
> > That should work better...
> > 
> 
> Hmmm... Shouldn't that be if ((SUEXEC_UMASK & 0022) != 0) ?
> If either bit is set, we want the warning, right?

I thought so at first, too. Then I read the man page :-)

umask() uses negative logic. You turn on bits to get them disabled in the
resulting permission bits.

:-)

-- 
Greg Stein, http://www.lyra.org/


Mime
View raw message