[master] ca9829339 Fix mode for JAIL_FIXFD_FILE in the unix jail
Dridi Boukelmoune
dridi at varni.sh
Tue Mar 5 15:30:14 UTC 2024
On Fri, Mar 1, 2024 at 11:28 AM Nils Goroll <nils.goroll at uplex.de> wrote:
>
>
> commit ca98293398db21f9392cce0c762afde37872badb
> Author: Nils Goroll <nils.goroll at uplex.de>
> Date: Fri Mar 1 12:24:44 2024 +0100
>
> Fix mode for JAIL_FIXFD_FILE in the unix jail
>
> Very much looks like copy-pasta in ede8c3dbe84b131d7e1240f28f2eb16c2818c309
>
> JAIL_FIXFD_VSMMGT and JAIL_FIXFD_VSMWRK work on directories but,
> as the name implies, JAIL_FIXFD_FILE not.
>
> diff --git a/bin/varnishd/mgt/mgt_jail_unix.c b/bin/varnishd/mgt/mgt_jail_unix.c
> index d979c00f0..f84d63c2e 100644
> --- a/bin/varnishd/mgt/mgt_jail_unix.c
> +++ b/bin/varnishd/mgt/mgt_jail_unix.c
> @@ -296,7 +296,7 @@ vju_fixfd(int fd, enum jail_fixfd_e what)
>
> switch (what) {
> case JAIL_FIXFD_FILE:
> - AZ(fchmod(fd, 0750));
> + AZ(fchmod(fd, 0600));
Spotted by Stéphane Cance on our end, why 600 and not 640?
> AZ(fchown(fd, vju_wrkuid, vju_wrkgid));
> break;
> case JAIL_FIXFD_VSMMGT:
> _______________________________________________
> varnish-commit mailing list
> varnish-commit at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit
More information about the varnish-commit
mailing list