[SERVER-16086] Should not open the Unix Domain Socket if the chmod fails. Created: 11/Nov/14  Updated: 19/May/16  Resolved: 05/Jan/15

Status: Closed
Project: Core Server
Component/s: Admin, Security
Affects Version/s: None
Fix Version/s: 2.8.0-rc3

Type: Bug Priority: Major - P3
Reporter: Robert Moore Assignee: David Hows
Resolution: Done Votes: 0
Labels: community-team, security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-13022 AF_UNIX socket file should not force ... Closed
Related
Backwards Compatibility: Minor Change
Operating System: ALL
Participants:

 Description   

The change for SERVER-13022 allows the user to specify the permissions that should be set on the Unix Domain Socket. This allows users to ensure that the socket can only be used by allowed users.

Currently, if the chmod fails the server still opens the socket for incoming connections. Since the permissions on the socket are now indeterminate this could expose the process to users on the system that would not normally have access.

I think the code should be changed to only open the socket if the chmod succeeds.

If the chmod fails the server should attempt to remove the socket file (since it created it) and update the logged warning to indicate that the socket will not be opened.

Rob.



 Comments   
Comment by Githook User [ 09/Dec/14 ]

Author:

{u'username': u'daveh86', u'name': u'daveh86', u'email': u'howsdav@gmail.com'}

Message: SERVER-16086 Should not open the Unix Domain Socket if the chmod fails

Closes #871

Signed-off-by: Benety Goh <benety@mongodb.com>
Branch: master
https://github.com/mongodb/mongo/commit/801f3737ec62993e78a671359f11a1b1b7947a3a

Comment by Matt Kangas [ 11/Nov/14 ]

It might be best for the server to abort if it cannot correctly open and configure a socket, rather than plowing onward with a subset of expected sockets.

Example: mongod 2.7.9-pre does the following if the socket file cannot be unlinked.

2014-11-11T16:50:39.955-0500 I NETWORK  [initandlisten] couldn't unlink socket file /Users/kangas/foo/mongodb-8080.sockerrno:13 Permission denied skipping
2014-11-11T16:50:39.962-0500 I JOURNAL  [initandlisten] journal dir=tmp/journal
2014-11-11T16:50:39.963-0500 I JOURNAL  [initandlisten] recover : no journal files present, no recovery needed
2014-11-11T16:50:40.003-0500 I NETWORK  [initandlisten] waiting for connections on port 8080

Generated at Thu Feb 08 03:39:55 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.