[src/trunk]: src/lib/libc/sys Document that binding local sockets now honors ...

[jmmv <jmmv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/0994c0005fdf
branches:  trunk
changeset: 583932:0994c0005fdf
user:      jmmv <jmmv%NetBSD.org@localhost>
date:      Tue Aug 30 15:05:04 2005 +0000

description:
Document that binding local sockets now honors the user's umask, why this
was done and that this behavior is not supposed to be portable.  Filling
under the security considerations section because code not following the
guidelines given here can be "less secure".

diffstat:

 lib/libc/sys/bind.2 |  18 ++++++++++++++++--
 1 files changed, 16 insertions(+), 2 deletions(-)

diffs (36 lines):

diff -r 4259a420f887 -r 0994c0005fdf lib/libc/sys/bind.2
--- a/lib/libc/sys/bind.2       Tue Aug 30 15:03:04 2005 +0000
+++ b/lib/libc/sys/bind.2       Tue Aug 30 15:05:04 2005 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: bind.2,v 1.24 2004/05/13 10:20:57 wiz Exp $
+.\"    $NetBSD: bind.2,v 1.25 2005/08/30 15:05:04 jmmv Exp $
 .\"
 .\" Copyright (c) 1983, 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -29,7 +29,7 @@
 .\"
 .\"     @(#)bind.2     8.1 (Berkeley) 6/4/93
 .\"
-.Dd October 16, 2001
+.Dd August 30, 2005
 .Dt BIND 2
 .Os
 .Sh NAME
@@ -167,3 +167,17 @@
 packets destined for a server that bound to the
 same port with
 .Li INADDR_ANY .
+.Pp
+.Fn bind
+was changed in
+.Nx 4.0
+to honor the user's umask when binding sockets in the local domain.
+This was done to match the behavior of other operating systems, including
+.Fx ,
+.Ox and
+Linux, and to improve compatibility with some third-party software.
+Please note that this behavior
+.Em is not portable .
+If you must bind a local socket in a portable and secure way, you need
+to make a directory with tight permissions and then create the socket
+inside it.