[patch] Improve unix socket permissions
Thomas Jarosch
thomas.jarosch at intra2net.com
Thu Aug 21 11:01:46 EDT 2008
Hello together,
currently unix sockets get created by cyrus-master
with ownership of "root.root" and file mode 0777.
Attached patch makes the user, group and file mode configurable.
If nothing is specified in cyrus.conf, it defaults to CYRUS_USER
(+group of the user) and mode 660 for improved security.
Would be nice if someone on BSD / unix could give it a try
as the file mode is set via umask() instead of chmod() to
prevent a race condition during creation of the socket.
The patch runs fine with cyrus-imapd 2.3.12p2 on linux.
Cheers,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-devel/attachments/20080821/3b392b8c/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cyrus-imapd-unix-socket-permissions.patch
Type: text/x-patch
Size: 6070 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-devel/attachments/20080821/3b392b8c/attachment.bin
More information about the Cyrus-devel
mailing list