[pulseaudio-discuss] [PATCH] pipe-sink, pipe-source: fix file permissions
Tanu Kaskinen
tanuk at iki.fi
Mon Jul 9 12:40:57 UTC 2018
On Sat, 2018-07-07 at 11:48 +0200, Georg Chini wrote:
> On 04.07.2018 12:40, Tanu Kaskinen wrote:
> > We recently changed the umask of the daemon from 022 to 077, which broke
> > module-pipe-sink in the system mode, because nobody was allowed to read
> > from the pipe.
> >
> > module-pipe-source in the system mode was probably always broken,
> > because the old umask of 022 should prevent anyone from writing to the
> > pipe.
> >
> > This patch uses chmod() after the file creation to set the permissions
> > to 0666, which is what the fkfifo() call tried to set.
> >
> > Bug link: https://bugs.freedesktop.org/show_bug.cgi?id=107070
> > ---
>
> Should the permissions really be 666? Would not 660 be better,
> so that there is at least some control who may access the pipe?
If the mode were 660, the bug that was reported would not be fixed. In
the system mode the owner and group are "pulse", so nobody would be
able to access the pipe.
I agree that it's questionable to give everyone access, but that's what
we've always done (or at least we've always given read access, but the
intention has been to give write access as well).
If we want to tighten the permissions, that can be done in a separate
patch. We could make the mode configurable and default to 600 in the
user mode and 666 in the system mode. We could also make the group
configurable with "pulse-access" as the default group, then we could
default to 660 in the system mode.
We could also remove write access in case of module-pipe-sink and read
access in case of module-pipe-source.
--
Tanu
https://liberapay.com/tanuk
https://www.patreon.com/tanuk
More information about the pulseaudio-discuss
mailing list