Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-16086

Should not open the Unix Domain Socket if the chmod fails.

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL

      Description

      The change for SERVER-13022 allows the user to specify the permissions that should be set on the Unix Domain Socket. This allows users to ensure that the socket can only be used by allowed users.

      Currently, if the chmod fails the server still opens the socket for incoming connections. Since the permissions on the socket are now indeterminate this could expose the process to users on the system that would not normally have access.

      I think the code should be changed to only open the socket if the chmod succeeds.

      If the chmod fails the server should attempt to remove the socket file (since it created it) and update the logged warning to indicate that the socket will not be opened.

      Rob.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: