[pulseaudio-commits] Branch 'next' - src/daemon
Tanu Kaskinen
tanuk at kemper.freedesktop.org
Sun Aug 20 06:52:07 UTC 2017
src/daemon/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 597a0aaf11a6ecf7b7835be756cb07294122d1fb
Author: Tanu Kaskinen <tanuk at iki.fi>
Date: Thu Aug 17 20:24:39 2017 +0300
main: set umask to 077 instead of 022
It was reported that PulseAudio weakens the umask to 022 if it's
initially set to 077. That's not as big problem as it might seem,
but it's still a problem. The umask affects the permissions of the state
files, and those aren't readable by other users anyway in the per-user
mode, because PulseAudio puts them in directories that aren't
accessible to other users. In the system mode the state files will be
readable by everyone, though, even by those users that don't otherwise
have access to PulseAudio. The state files are slightly
privacy-sensitive, because they contain e.g. history of applications
that have used PulseAudio.
I can't think of any use cases where access to the state files by other
users would be necessary, either in the per-user mode or in the system
mode, so let's use umask 077. This doesn't prevent access to any
sockets in the system mode, because all directories that PulseAudio
creates in the system mode will have permissions 755 regardless of the
umask, and the sockets themselves always have permissions 777.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=102060
diff --git a/src/daemon/main.c b/src/daemon/main.c
index f35252d0..9d99b8fe 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -888,7 +888,7 @@ int main(int argc, char *argv[]) {
pa_set_env_and_record("PULSE_INTERNAL", "1");
pa_assert_se(chdir("/") == 0);
- umask(0022);
+ umask(0077);
#ifdef HAVE_SYS_RESOURCE_H
set_all_rlimits(conf);
More information about the pulseaudio-commits
mailing list