Subject: Re: Are permissions of local sockets correct?
To: Julio M. Merino Vidal <jmmv84@gmail.com>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 08/22/2005 03:16:26
On Sun, Aug 21, 2005 at 11:25:56PM +0200, Julio M. Merino Vidal wrote:
> Hi all,
> 
> while trying gamin (a file alteration monitor, like fam), I found that it
> refuses to work because it detects that the local sockets it creates
> have "too much permissions" (that is, 777).
> 
> As I see in our code, local sockets are always created with this
> mode, regardless of the user's umask.  Is this correct?  And if so,
> why?

Because that's how BSD Unix always did it.

The portable solution for restricting access to a Unix domain socket is
to put it in a directory with appropriate permissions.  However, there
is code floating around out there that expects sockets to be created
with appropriate modes (respecting the umask) and I see no harm at all
in causing our implementation to work that way.  I suggest that you do
so.