diff options
| author | Tanu Kaskinen <tanuk@iki.fi> | 2017-08-17 20:24:39 +0300 |
|---|---|---|
| committer | Tanu Kaskinen <tanuk@iki.fi> | 2017-09-05 13:46:27 +0300 |
| commit | 1a66715320a254ed5d45d4c555d9da55ea3f8682 (patch) | |
| tree | 947f026263b90f9ba0c20dda31307623feb1a7d9 | |
| parent | 95404ce3f398a6882a73c09264a44cc8a9e394ec (diff) | |
main: set umask to 077 instead of 022
It was reported that PulseAudio weakens the umask to 022 if it's
initially set to 077. That's not as big problem as it might seem,
but it's still a problem. The umask affects the permissions of the state
files, and those aren't readable by other users anyway in the per-user
mode, because PulseAudio puts them in directories that aren't
accessible to other users. In the system mode the state files will be
readable by everyone, though, even by those users that don't otherwise
have access to PulseAudio. The state files are slightly
privacy-sensitive, because they contain e.g. history of applications
that have used PulseAudio.
I can't think of any use cases where access to the state files by other
users would be necessary, either in the per-user mode or in the system
mode, so let's use umask 077. This doesn't prevent access to any
sockets in the system mode, because all directories that PulseAudio
creates in the system mode will have permissions 755 regardless of the
umask, and the sockets themselves always have permissions 777.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=102060
| -rw-r--r-- | src/daemon/main.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/daemon/main.c b/src/daemon/main.c index f35252d06..9d99b8fe2 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -888,7 +888,7 @@ int main(int argc, char *argv[]) { pa_set_env_and_record("PULSE_INTERNAL", "1"); pa_assert_se(chdir("/") == 0); - umask(0022); + umask(0077); #ifdef HAVE_SYS_RESOURCE_H set_all_rlimits(conf); |