[pulseaudio-discuss] [PATCH] main: set umask to 077 instead of 022
Arun Raghavan
arun at arunraghavan.net
Fri Aug 18 06:13:21 UTC 2017
On Thu, 17 Aug 2017, at 10:54 PM, Tanu Kaskinen wrote:
> It was reported that PulseAudio weakens the umask to 022 if it's
> initially set to 077. That's not as big a problem as it might seem,
> but it's still a problem. The umask affects the permissions of the state
> files, and those aren't readable by other users anyway in the per-user
> mode, because PulseAudio puts them in directories that aren't
> accessible to other users. In the system mode the state files will be
> readable by everyone, though, even by those users that don't otherwise
> have access to PulseAudio. The state files are slightly
> privacy-sensitive, because they contain e.g. history of applications
> that have used PulseAudio.
>
> I can't think of any use cases where access to the state files by other
> users would be necessary, either in the per-user mode or in the system
> mode, so let's use umask 077. This doesn't prevent access to any
> sockets in the system mode, because all directories that PulseAudio
> creates in the system mode will have permissions 755 regardless of the
> umask, and the sockets themselves always have permissions 777.
>
> BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=102060
> ---
> src/daemon/main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/daemon/main.c b/src/daemon/main.c
> index f35252d06..9d99b8fe2 100644
> --- a/src/daemon/main.c
> +++ b/src/daemon/main.c
> @@ -888,7 +888,7 @@ int main(int argc, char *argv[]) {
>
> pa_set_env_and_record("PULSE_INTERNAL", "1");
> pa_assert_se(chdir("/") == 0);
> - umask(0022);
> + umask(0077);
>
> #ifdef HAVE_SYS_RESOURCE_H
> set_all_rlimits(conf);
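Review bot: The new `umask(0077);` line in main() carries no comment saying why the daemon overrides the inherited umask, and because it sits right after `chdir("/")` it applies process-wide to everything created afterwards. Please add a short comment above the call naming the state-file privacy reason from the commit message. The message also says system-mode directories end up 755 and sockets 777 regardless of the umask; nothing in this hunk shows that, so it is worth confirming that those paths set their modes explicitly after creation rather than relying on the mode argument, which the umask masks.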
> --
Patch itself looks good to me. I suggest waiting a bit in case someone
has a use-case we have missed, and also making a note of this change for
the 12.0 release.
-- Arun
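The permission behaviour the commit message relies on, as an added example that is not part of the original thread or of PulseAudio's code: it creates a file and a directory under umask 022 and 077 and shows that an explicit chmod() is not masked. The helper `created_mode`, the `/tmp/umask-demo-*` path, and the assumption that "regardless of the umask" means an explicit mode change after creation are all illustrative.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create an entry under `mask` inside a private scratch
 * directory (constructed path, not a PulseAudio one) and return its permission
 * bits, or -1 on error.
 * is_dir:   mkdir(0755) instead of open(0666), i.e. a runtime directory
 *           versus a state file.
 * fix_mode: chmod() after creation; chmod() is not affected by the umask. */
static int created_mode(mode_t mask, int is_dir, int fix_mode) {
    char tmp[64], path[96];
    struct stat st;
    int ok, result = -1;

    snprintf(tmp, sizeof(tmp), "/tmp/umask-demo-%ld", (long) getpid());
    if (mkdir(tmp, 0700) != 0)      /* fails rather than reusing an existing path */
        return -1;
    snprintf(path, sizeof(path), "%s/entry", tmp);

    mode_t old = umask(mask);       /* process-wide, like the call in main() */
    if (is_dir) {
        ok = mkdir(path, 0755) == 0;
    } else {
        int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
        ok = fd >= 0;
        if (ok)
            close(fd);
    }
    umask(old);                     /* restore the caller's umask */

    if (ok && fix_mode)
        ok = chmod(path, is_dir ? 0755 : 0644) == 0;
    if (ok && stat(path, &st) == 0)
        result = st.st_mode & 0777;

    if (is_dir) rmdir(path); else unlink(path);
    rmdir(tmp);
    return result;
}

int main(void) {
    printf("state file, umask 022:         %04o\n", created_mode(0022, 0, 0));
    printf("state file, umask 077:         %04o\n", created_mode(0077, 0, 0));
    printf("directory,  umask 077:         %04o\n", created_mode(0077, 1, 0));
    printf("directory,  umask 077 + chmod: %04o\n", created_mode(0077, 1, 1));
    return 0;
}
```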