about summary refs log tree commit homepage
diff options
context:
space:
mode:
authorEric Wong <normalperson@yhbt.net>2009-04-05 19:15:53 -0700
committerEric Wong <normalperson@yhbt.net>2009-04-05 19:15:53 -0700
commit72c32f2902886bf205ae7ea412909c41dda1a95e (patch)
tree956fe1c85d68199da8a5d135fa3314c0a634b8d7
parent539ca9a0efc692edde5448d3e4007d35372e033d (diff)
downloadunicorn-72c32f2902886bf205ae7ea412909c41dda1a95e.tar.gz
I can't think of a good reason to ever use restrictive
permissions with UNIX domain sockets for an HTTP server.
Since some folks run their nginx on port 80 and then
have it drop permissions, we need to ensure our socket
is readable and writable across the board.

The reason I'm respecting the existing umask at all (instead of
using 0000 across the board like most daemonizers) is because
the admin may want to restrict access (especially write access)
to log files.
-rw-r--r--lib/unicorn/socket.rb3
-rw-r--r--test/unit/test_socket_helper.rb6
2 files changed, 9 insertions, 0 deletions
diff --git a/lib/unicorn/socket.rb b/lib/unicorn/socket.rb
index 0dba8cb..1b666b4 100644
--- a/lib/unicorn/socket.rb
+++ b/lib/unicorn/socket.rb
@@ -91,11 +91,14 @@ module Unicorn
 
       sock = Socket.new(domain, SOCK_STREAM, 0)
       sock.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) if defined?(SO_REUSEADDR)
+      old_umask = File.umask(0)
       begin
         sock.bind(bind_addr)
       rescue Errno::EADDRINUSE
         sock.close rescue nil
         return nil
+      ensure
+        File.umask(old_umask)
       end
       if opt[:rcvbuf] || opt[:sndbuf]
         log_buffer_sizes(sock, "before: ")
diff --git a/test/unit/test_socket_helper.rb b/test/unit/test_socket_helper.rb
index 23fa44c..79e1cdc 100644
--- a/test/unit/test_socket_helper.rb
+++ b/test/unit/test_socket_helper.rb
@@ -42,12 +42,18 @@ class TestSocketHelper < Test::Unit::TestCase
   end
 
   def test_bind_listen_unix
+    old_umask = File.umask(0777)
     tmp = Tempfile.new 'unix.sock'
     @unix_listener_path = tmp.path
     File.unlink(@unix_listener_path)
     @unix_listener = bind_listen(@unix_listener_path)
     assert Socket === @unix_listener
     assert_equal @unix_listener_path, sock_name(@unix_listener)
+    assert File.readable?(@unix_listener_path), "not readable"
+    assert File.writable?(@unix_listener_path), "not writable"
+    assert_equal 0777, File.umask
+    ensure
+      File.umask(old_umask)
   end
 
   def test_bind_listen_unix_idempotent