please reconsider umask(0)
Bug #1628738 reported by
Seth Arnold
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| oslo.privsep |
New
|
Undecided
|
Unassigned | ||
Bug Description
Hello; I'm conducting a very quick review of oslo.privsep as part of the Ubuntu main inclusion process.
This isn't strictly a bug but I'd like to suggest that the 'umask(0)' call here be replaced with a safer umask, e.g. 0022 or 0077:
def run(self):
"""Run request loop. Sets up environment, then calls loop()"""
os.umask(0)
self.loop()
I know W Richard Stevens put 'umask(0)' into his daemonize() routines but I think that was a mistake. The umask mode should be a fail-safe mode rather than a fail-open mode.
Thanks
| information type: | Private Security → Public Security |
To post a comment you must log in.
