On Fri, Feb 10, 2023 at 11:49 AM Ruediger Pluem <rpl...@apache.org> wrote: > > > > On 2/10/23 2:42 AM, Eric Covener wrote: > >> I think this should be revisited and changed to 600. > > > > It seems like all the methods use 0644. After the change, it's just > > accessible in the filesystem rather than in the sysv shm ether. > > > > It seems like an API gap, APR can't know what the caller expects to do > > with it (other than it's not anonymous). > > Today I guess a caller could run with a more conservative umask, or > > toggle it around calls to apr_shm_create? > > > > I would like to see a more restrictive default, but this cannot be reverted > via > umask. Furthermore we are currently inconsistent as we use 600 for SysV SHM, > but 644 > for Posix one.
Thanks, I see I was looking at the ones with explicit mode literals. > Maybe time for an > > apr_shm_perms_set? Sounds needed no matter where the default change ends up. Is there anything else waiting for a 1.8?
