Hi,
I just received this modified patch from upstream and wanted to
document that in te BTS.
Regards, Axel
--
,''`. | Axel Beckert <a...@debian.org>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
`- | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
--- Begin Message ---
<URL: https://rt.cpan.org/Ticket/Display.html?id=91450 >
While the patch from Debian fixes the security issue, it makes unreadable for
other users all other files created by a daemon, what is unwanted in some cases.
Attached patch fixes this problem.
diff -crB lib.orig/Proc/Daemon.pm lib/Proc/Daemon.pm
*** lib.orig/Proc/Daemon.pm 2013-12-18 10:13:31.000000000 -0400
--- lib/Proc/Daemon.pm 2014-12-18 14:14:43.358761046 -0400
***************
*** 152,157 ****
--- 152,158 ----
die "Can't <chdir> to $self->{work_dir}: $!" unless chdir $self->{work_dir};
# Clear the file creation mask.
+ $self->{_orig_umask} = umask;
umask 066;
# Detach the child from the terminal (no controlling tty), make it the
***************
*** 253,258 ****
--- 254,261 ----
# potential damage later.
}
+ # Restore the original file creation mask.
+ umask $self->{_orig_umask};
# Execute a system command and never return.
if ( $exec_command ) {
--- End Message ---
