53 lines
2.2 KiB
Diff
53 lines
2.2 KiB
Diff
diff --git a/shmem/unix/shm.c b/shmem/unix/shm.c
|
|
index 096884d99d..ea9b94277b 100644
|
|
--- a/shmem/unix/shm.c
|
|
+++ b/shmem/unix/shm.c
|
|
@@ -287,10 +287,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
|
|
status = APR_SUCCESS;
|
|
|
|
#if APR_USE_SHMEM_MMAP_TMP
|
|
- /* FIXME: Is APR_OS_DEFAULT sufficient? */
|
|
- status = apr_file_open(&file, filename,
|
|
- APR_READ | APR_WRITE | APR_CREATE | APR_EXCL,
|
|
- APR_OS_DEFAULT, pool);
|
|
+ status = apr_file_open(&file, filename,
|
|
+ APR_FOPEN_READ | APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
|
|
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
|
|
if (status != APR_SUCCESS) {
|
|
return status;
|
|
}
|
|
@@ -319,8 +318,7 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
|
|
}
|
|
#endif /* APR_USE_SHMEM_MMAP_TMP */
|
|
#if APR_USE_SHMEM_MMAP_SHM
|
|
- /* FIXME: SysV uses 0600... should we? */
|
|
- tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0644);
|
|
+ tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0600);
|
|
if (tmpfd == -1) {
|
|
return errno;
|
|
}
|
|
@@ -361,10 +359,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
|
|
#elif APR_USE_SHMEM_SHMGET
|
|
new_m->realsize = reqsize;
|
|
|
|
- /* FIXME: APR_OS_DEFAULT is too permissive, switch to 600 I think. */
|
|
- status = apr_file_open(&file, filename,
|
|
+ status = apr_file_open(&file, filename,
|
|
APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
|
|
- APR_OS_DEFAULT, pool);
|
|
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
|
|
if (status != APR_SUCCESS) {
|
|
return status;
|
|
}
|
|
@@ -555,8 +552,7 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
|
|
#if APR_USE_SHMEM_MMAP_SHM
|
|
const char *shm_name = make_shm_open_safe_name(filename, pool);
|
|
|
|
- /* FIXME: SysV uses 0600... should we? */
|
|
- tmpfd = shm_open(shm_name, O_RDWR, 0644);
|
|
+ tmpfd = shm_open(shm_name, O_RDWR, 0600);
|
|
if (tmpfd == -1) {
|
|
return errno;
|
|
}
|
|
|