(I'm the upstream author.)
> Instead could you change the permissions of the logfile to be 0640
> and keep the directory as 755.
That's a good idea. But it's surprisingly tricky to implement.
The log file is created by Polipo, so it's Polipo itself that should
set the permissions. But Polipo uses fopen to create the log file,
which doesn't take permissions.
I cannot create and then open the log file, as that would cause a race
condition (the file could be deleted by whoever is rotating the logs
between the two). I could fopen and then chmod, but that would cause
a race condition (someone could read the log file if he got the timing
just right).
It looks like the right solution is to create the file and then use
fdopen. But I'll need to check if fdopen is available on all the
systems that I support.
Tom, you're welcome to mark this bug upstream.
Juliusz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
