please reconsider umask(0)
Bug #1628738 reported by
Seth Arnold
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
oslo.privsep |
New
|
Undecided
|
Unassigned |
Bug Description
Hello; I'm conducting a very quick review of oslo.privsep as part of the Ubuntu main inclusion process.
This isn't strictly a bug but I'd like to suggest that the 'umask(0)' call here be replaced with a safer umask, e.g. 0022 or 0077:
def run(self):
"""Run request loop. Sets up environment, then calls loop()"""
os.umask(0)
self.loop()
I know W Richard Stevens put 'umask(0)' into his daemonize() routines but I think that was a mistake. The umask mode should be a fail-safe mode rather than a fail-open mode.
Thanks
information type: | Private Security → Public Security |
To post a comment you must log in.