From: Pierangelo Masarati <ando@openldap.org>
Date: Sat, 14 Oct 2006 17:35:50 +0000 (+0000)
Subject: create IPC sockets with wide-open permissions (0222 might suffice; ITS#4709)
X-Git-Tag: OPENLDAP_REL_ENG_2_3_MP~52
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=59e60483fac4ea42869ae4eb784f49328eb82df0;p=openldap

create IPC sockets with wide-open permissions (0222 might suffice; ITS#4709)
---

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index f1c535014a..8ad1f77e78 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -1310,24 +1310,39 @@ slap_open_listener(
 #ifdef LOCAL_CREDS
 		{
 			int one = 1;
-			setsockopt(l.sl_sd, 0, LOCAL_CREDS, &one, sizeof one);
+			setsockopt( l.sl_sd, 0, LOCAL_CREDS, &one, sizeof( one ) );
 		}
 #endif /* LOCAL_CREDS */
-		addrlen = sizeof(struct sockaddr_un);
+
+		addrlen = sizeof( struct sockaddr_un );
+
+		/* create socket with all permissions set for those systems
+		 * that honor permissions on sockets (e.g. Linux); typically,
+		 * only write is required.  To exploit filesystem permissions,
+		 * place the socket in a directory and use directory's
+		 * permissions.  Need write perms to the directory to 
+		 * create/unlink the socket; likely need exec perms to access
+		 * the socket */
+		{
+			mode_t old_umask;
+
+			old_umask = umask( 0 );
+			rc = bind( l.sl_sd, *sal, addrlen );
+			umask( old_umask );
+			if ( rc ) {
+				err = sock_errno();
+				Debug( LDAP_DEBUG_ANY,
+					"daemon: bind(%ld) failed errno=%d (%s)\n",
+					(long)l.sl_sd, err, sock_errstr( err ) );
+				tcp_close( l.sl_sd );
+				sal++;
+				continue;
+			}
+		}
 		break;
 #endif /* LDAP_PF_LOCAL */
 		}
 
-		if (bind(l.sl_sd, *sal, addrlen)) {
-			err = sock_errno();
-			Debug( LDAP_DEBUG_ANY,
-				"daemon: bind(%ld) failed errno=%d (%s)\n",
-				(long) l.sl_sd, err, sock_errstr(err) );
-			tcp_close( l.sl_sd );
-			sal++;
-			continue;
-		}
-
 		switch ( (*sal)->sa_family ) {
 #ifdef LDAP_PF_LOCAL
 		case AF_LOCAL: {