Bug 126669 - [has patch] canna creates /tmp/.iroha_unix, mode 0777, instead of using /var/run/.iroha_unix
[has patch] canna creates /tmp/.iroha_unix, mode 0777, instead of using /var/...
Product: Fedora
Classification: Fedora
Component: Canna (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Akira TAGOH
Bill Huang
: Patch
Depends On:
  Show dependency treegraph
Reported: 2004-06-24 12:01 EDT by Matthew Miller
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version: 3.7p3-4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-06-25 01:03:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
use /var/run/.iroha_unix instead of creating /tmp/.iroha_unix with insecure permissions (383 bytes, patch)
2004-06-24 12:03 EDT, Matthew Miller
no flags Details | Diff

  None (edit)
Description Matthew Miller 2004-06-24 12:01:44 EDT
I don't use or understand this program at all. And I don't speak
Japanese, so the learning curve is a bit steep. But, in Fedora Core 2
and in the current rawhide version, it's creating /tmp/.iroha_unix as
a world-writable directory. That doesn't seem right.

The package also owns /var/run/.iroha_unix, with far more restrictive
permissions, but doesn't appear to put anything there.

I've made a patch to the config file which causes it to actually put
the IROHA socket file in /var/run/.iroha_unix. I'll attach this patch
in a second.

I don't have a good way of testing this (I'll see if I can find a
japanese speaking linux-savvy student somewhere around here....), but
it seems like the right thing to do.
Comment 1 Matthew Miller 2004-06-24 12:03:20 EDT
Created attachment 101377 [details]
use /var/run/.iroha_unix instead of creating /tmp/.iroha_unix with insecure permissions

(It occurs to me that it might also be good to patch the code so that if the
directory doesn't exist and needs to be recreated, it's created with the right
permissions instead of 0777.
Comment 2 Akira TAGOH 2004-06-25 01:03:56 EDT
already fixed in 3.7p3-4 which has been released yesterday. thanks for
the notification anyway.

Note You need to log in before you can comment on or make changes to this bug.