[master] 9bbfc0047 Make sure a jailed worker process can open the cached VEXT file

Poul-Henning Kamp phk at FreeBSD.org
Mon Aug 1 13:25:06 UTC 2022


commit 9bbfc0047614c24b3b7952e56d4ec31a424c3005
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Mon Aug 1 13:24:01 2022 +0000

    Make sure a jailed worker process can open the cached VEXT file

diff --git a/bin/varnishd/common/common_vext.c b/bin/varnishd/common/common_vext.c
index d655fc4f5..3a4523cc3 100644
--- a/bin/varnishd/common/common_vext.c
+++ b/bin/varnishd/common/common_vext.c
@@ -125,7 +125,7 @@ vext_copyin(struct vsb *vident)
 		VSB_cat(vp->vsb, ".so");
 		AZ(VSB_finish(vp->vsb));
 		fprintf(stderr, "ee2 %s\n", VSB_data(vp->vsb));
-		fdo = open(VSB_data(vp->vsb), O_WRONLY|O_CREAT|O_EXCL, 0700);
+		fdo = open(VSB_data(vp->vsb), O_WRONLY|O_CREAT|O_EXCL, 0755);
 		xxxassert(fdo >= 0);
 		AZ(lseek(vp->fd, 0, SEEK_SET));
 		do {


More information about the varnish-commit mailing list