ian(a)uns.ns.ac.yu wrote:
> Linux, as opposed to other *NIXes, honors PF_LOCAL socket file mode
> bits, so a user must have the write permission to use the socket.
> OpenLDAP bind()s its PF_LOCAL sockets without any special arrangements,
> so the resulting socket's permissions are governed by the current umask.
> Since the umask is usually 022 or 002, the socket ends up not being
> world-writable, making it unusable for users other than root.
>
> Earlier OpenLDAP releases recognized a non-standard "x-mod" URL
> extension for manipulating socket permissions, and the parsing code is
> still there, but its results are unused.
Yes, that's been removed because it is non-portable and of little use. The
preferred use consists in creating the socket according to the umask in a
directory with the desired permissions. Right now, those permissions
are used to coarse-grain regulate operations on a specific listener;
considering their limited usefulness, their use is not recommended, as
that extension could be removed. It's considered experimental.
> With the attached patch, PF_LOCAL sockets are always created
> world-writable by setting the umask to zero before bind(). The previous
> umask is restored immediately afterwards. Umask manipulation shouldn't
> affect PF_UNIX bind()s, so I haven't surrounded it with #ifdef
> LDAP_PF_LOCAL.
Your approach seems to be sound. I'll review the patch.
Thanks, p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati(a)sys-net.it
------------------------------------------