diff options
| author | dtu@chromium.org <dtu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-02-25 19:37:34 +0000 |
|---|---|---|
| committer | dtu@chromium.org <dtu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-02-25 19:37:34 +0000 |
| commit | e572e51731cb71743cb0d9ad5138c0f7cd837e02 (patch) | |
| tree | 26d40fda3b69c5619792eb25823a092c02592c92 /ipc | |
| parent | 72f10ae3436be5443ae8ed72fc4a1ece230a081b (diff) | |
| download | chromium_src-e572e51731cb71743cb0d9ad5138c0f7cd837e02.zip chromium_src-e572e51731cb71743cb0d9ad5138c0f7cd837e02.tar.gz chromium_src-e572e51731cb71743cb0d9ad5138c0f7cd837e02.tar.bz2 | |
Expand comment for named IPC chmod(). It was previously unclear that it is just a precaution and not intended to be a complete security policy for the named IPC channel.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/6585001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76083 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/ipc_channel_posix.cc | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ipc/ipc_channel_posix.cc b/ipc/ipc_channel_posix.cc index ab8a06c..7c753b6 100644 --- a/ipc/ipc_channel_posix.cc +++ b/ipc/ipc_channel_posix.cc @@ -193,9 +193,14 @@ bool CreateServerUnixDomainSocket(const std::string& pipe_name, return false; } - // Adjust the socket permissions. + // Explicitly set file system permissions on socket, mainly as a precaution + // for Chrome OS. + // Do not rely on these file permissions to provide security - the file is + // created during the above bind() call so there is still a window for + // malicious abuse because the file exists between bind() and chmod(). Also, + // the file permissions may not be enforced for unix sockets on all platforms. if (chmod(pipe_name.c_str(), 0600)) { - PLOG(ERROR) << "fchmod " << pipe_name; + PLOG(ERROR) << "chmod " << pipe_name; if (HANDLE_EINTR(close(fd)) < 0) PLOG(ERROR) << "close " << pipe_name; return false; |