From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 2BB51A046B for ; Tue, 23 Jul 2019 12:54:32 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 1B51D1BFF0; Tue, 23 Jul 2019 12:54:32 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id 8D1DA1BFF0 for ; Tue, 23 Jul 2019 12:54:30 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Jul 2019 03:54:29 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,298,1559545200"; d="scan'208";a="368336444" Received: from silpixa00399126.ir.intel.com (HELO silpixa00399126.ger.corp.intel.com) ([10.237.223.2]) by fmsmga005.fm.intel.com with ESMTP; 23 Jul 2019 03:54:28 -0700 From: Bruce Richardson To: stable@dpdk.org Cc: Bruce Richardson Date: Tue, 23 Jul 2019 11:54:22 +0100 Message-Id: <20190723105422.57339-1-bruce.richardson@intel.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] [17.11] eal: tighten permissions on shared memory files X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" When creating files on disk, e.g. for EAL configuration or shared memory locks, etc., there is no need to grant any permissions on those files to other users. All directories are already created with 0700 permissions, so we should create all files with 0600 permissions. Cc: stable@dpdk.org Signed-off-by: Bruce Richardson --- lib/librte_eal/bsdapp/eal/eal.c | 2 +- lib/librte_eal/bsdapp/eal/eal_hugepage_info.c | 2 +- lib/librte_eal/linuxapp/eal/eal.c | 2 +- lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/eal.c index 369a682a8..f5d8a77f6 100644 --- a/lib/librte_eal/bsdapp/eal/eal.c +++ b/lib/librte_eal/bsdapp/eal/eal.c @@ -180,7 +180,7 @@ rte_eal_config_create(void) return; if (mem_cfg_fd < 0){ - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); if (mem_cfg_fd < 0) rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); } diff --git a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c index 8a33c30c5..80b221071 100644 --- a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c +++ b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c @@ -51,7 +51,7 @@ static void * create_shared_memory(const char *filename, const size_t mem_size) { void *retval; - int fd = open(filename, O_CREAT | O_RDWR, 0666); + int fd = open(filename, O_CREAT | O_RDWR, 0600); if (fd < 0) return NULL; if (ftruncate(fd, mem_size) < 0) { diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/eal/eal.c index e6a733138..c6308a1ca 100644 --- a/lib/librte_eal/linuxapp/eal/eal.c +++ b/lib/librte_eal/linuxapp/eal/eal.c @@ -198,7 +198,7 @@ rte_eal_config_create(void) rte_mem_cfg_addr = NULL; if (mem_cfg_fd < 0){ - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); if (mem_cfg_fd < 0) rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); } diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c index f1938ecfc..f3635373b 100644 --- a/lib/librte_eal/linuxapp/eal/eal_memory.c +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c @@ -740,7 +740,7 @@ static void * create_shared_memory(const char *filename, const size_t mem_size) { void *retval; - int fd = open(filename, O_CREAT | O_RDWR, 0666); + int fd = open(filename, O_CREAT | O_RDWR, 0600); if (fd < 0) return NULL; if (ftruncate(fd, mem_size) < 0) { -- 2.21.0