Home Explore Help
Sign In
Godot
/
godot
mirror of https://github.com/godotengine/godot.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

unix: Limit named pipe permissions to the current user

Named pipes created using the "pipe://" file access scheme should not be
world-writable or readable. Limit their access to the current user by
creating them with 0600 permissions instead of 0666.
Andrew Price 11 months ago
parent
f49c9d7cd1
commit
64077ff3de
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1 1
      drivers/unix/file_access_unix_pipe.cpp

+ 1 - 1
drivers/unix/file_access_unix_pipe.cpp
View File 

@@ -65,7 +65,7 @@ Error FileAccessUnixPipe::open_internal(const String &p_path, int p_mode_flags)
 
 	struct stat st = {};
 
 	struct stat st = {};
 
 	int err = stat(path.utf8().get_data(), &st);
 
 	int err = stat(path.utf8().get_data(), &st);
 
 	if (err) {
 
 	if (err) {
 
-		if (mkfifo(path.utf8().get_data(), 0666) != 0) {
 
+		if (mkfifo(path.utf8().get_data(), 0600) != 0) {
 
 			last_error = ERR_FILE_CANT_OPEN;
 
 			last_error = ERR_FILE_CANT_OPEN;
 
 			return last_error;
 
 			return last_error;
 
 		}
 
 		}