On Thu, Apr 10, 2014 at 3:57 PM, David Herrmann <dh.herrmann@gmail.com> wrote:
Hi
On Thu, Apr 10, 2014 at 11:16 PM, Andy Lutomirski <luto@amacapital.net> wrote:
Would it make sense for the initial mode on a memfd inode to be 000? Anyone who finds this to be problematic could use fchmod to fix it.
memfd_create() should be subject to umask() just like anything else. That should solve any possible race here, right?
Yes, but how many people will actually think about umask when doing things that don't really look like creating files?
/proc/pid/fd is a really weird corner case in which the mode of an inode that doesn't have a name matters. I suspect that almost no one will ever want to open one of these things out of /proc/self/fd, and those who do should be made to think about it.
It also avoids odd screwups where things are secure until someone runs them with umask 000.
--Andy
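The thread is about the inode mode a memfd is created with and whether a caller can rely on umask, or should instead fchmod the descriptor to close off the /proc/pid/fd alias. The following is an added example, not code from this thread or from the kernel: it creates a memfd with memfd_create(2) (glibc 2.27 or later, Linux), reads the inode's permission bits with fstat, tightens them with fchmod, and then checks whether the /proc/self/fd/N alias can still be opened. The function names and the "locked" naming are this example's own. One caveat the check itself makes visible: a process holding CAP_DAC_OVERRIDE (for instance root) still opens the alias regardless of mode, so a 000 mode protects against other unprivileged users, not against a privileged one.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits (low 12 bits of st_mode) of an open descriptor, or -1 on error. */
int fd_perm_bits(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0)
        return -1;
    return (int)(st.st_mode & 07777);
}

/* Create an anonymous memfd and immediately tighten its inode mode.
 * The mode is what governs whether /proc/<pid>/fd/<n> can be re-opened
 * by another process, since the inode has no path of its own.
 * On success returns the fd and stores the permission bits observed before
 * and after the fchmod; returns -1 on failure (hypothetical helper). */
int create_locked_memfd(const char *name, mode_t mode, int *before, int *after) {
    int fd = memfd_create(name, MFD_CLOEXEC);
    if (fd < 0)
        return -1;
    *before = fd_perm_bits(fd);
    if (fchmod(fd, mode) != 0) {
        close(fd);
        return -1;
    }
    *after = fd_perm_bits(fd);
    return fd;
}

/* Attempt to re-open the descriptor through its /proc/self/fd alias.
 * Returns 1 if the open succeeded, 0 if it was refused. Note that a
 * caller with CAP_DAC_OVERRIDE will succeed even with mode 000. */
int proc_alias_opens(int fd) {
    char path[64];
    snprintf(path, sizeof path, "/proc/self/fd/%d", fd);
    int alias = open(path, O_RDONLY);
    if (alias < 0)
        return 0;
    close(alias);
    return 1;
}

int main(void) {
    int before = -1, after = -1;
    int fd = create_locked_memfd("example", 0, &before, &after);
    if (fd < 0) {
        perror("create_locked_memfd");
        return 1;
    }
    printf("mode at creation: %04o, after fchmod(0): %04o\n", before, after);
    printf("/proc/self/fd alias opens: %s (uid %u)\n",
           proc_alias_opens(fd) ? "yes" : "no", (unsigned)geteuid());
    close(fd);
    return 0;
}
```

Run it once as an unprivileged user and once as root to see the difference the last print reports; the mode reported at creation is what the thread is arguing about, and the value after fchmod is what the caller actually controls.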