Adjust unix domain IPC permissions.

BUG=chromium-os:7473 TEST=none Review URL: http://codereview.chromium.org/6280009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72007 0039d316-1c4b-4281-b951-d872f2087c98

Adjust unix domain IPC permissions.
BUG=chromium-os:7473 TEST=none Review URL: http://codereview.chromium.org/6280009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72007 0039d316-1c4b-4281-b951-d872f2087c98
6bef6c89 · dtu@chromium.org · ee383ec4 · 6bef6c89
Commit 6bef6c89 authored Jan 20, 2011 by dtu@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 2 deletions

ipc/ipc_channel_posix.cc ipc/ipc_channel_posix.cc +10 -2

No files found.
--- a/ipc/ipc_channel_posix.cc
+++ b/ipc/ipc_channel_posix.cc
@@ -167,14 +167,14 @@ bool CreateServerUnixDomainSocket(const std::string& pipe_name,
  // Delete any old FS instances.
  unlink(pipe_name.c_str());
-    // Make sure the path we need exists.
+  // Make sure the path we need exists.
  FilePath path(pipe_name);
  FilePath dir_path = path.DirName();
  if (!file_util::CreateDirectory(dir_path)) {
    return false;
  }
-  // Create unix_addr structure
+  // Create unix_addr structure.
  struct sockaddr_un unix_addr;
  memset(&unix_addr, 0, sizeof(unix_addr));
  unix_addr.sun_family = AF_UNIX;
@@ -193,6 +193,14 @@ bool CreateServerUnixDomainSocket(const std::string& pipe_name,
    return false;
  }
+  // Adjust the socket permissions.
+  if (chmod(pipe_name.c_str(), 0600)) {
+    PLOG(ERROR) << "fchmod " << pipe_name;
+    if (HANDLE_EINTR(close(fd)) < 0)
+      PLOG(ERROR) << "close " << pipe_name;
+    return false;
+  }
  // Start listening on the socket.
  const int listen_queue_length = 1;
  if (listen(fd, listen_queue_length) != 0) {