[Bug 1945533] Re: permissions on /var/tmp/metrics_collector.sock

Launchpad Bug Tracker 1945533 at bugs.launchpad.net
Wed Oct 13 10:20:47 UTC 2021 

This bug was fixed in the package python-oslo.metrics - 0.3.0-0ubuntu2

---------------
python-oslo.metrics (0.3.0-0ubuntu2) impish; urgency=medium

  * d/p/bug1945533.patch: Cherry pick permissions fix to harden the
    socket used for metrics (LP: #1945533).

 -- James Page <james.page at ubuntu.com>  Wed, 13 Oct 2021 09:41:23 +0100

** Changed in: python-oslo.metrics (Ubuntu)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to python-oslo.metrics in Ubuntu.
https://bugs.launchpad.net/bugs/1945533

Title:
  permissions on /var/tmp/metrics_collector.sock

Status in oslo.metrics:
  In Progress
Status in python-oslo.metrics package in Ubuntu:
  Fix Released

Bug description:
  Hello, I believe the socket is being created with incorrect
  permissions:

  def main():
      cfg.CONF(sys.argv[1:])
      socket_path = cfg.CONF.oslo_metrics.metrics_socket_file
      m = MetricsListener(socket_path)
      try:
          os.chmod(socket_path, stat.S_IRWXU | stat.S_IRWXO)

  
  My sys_stat.h(7) manpage has:

    │S_IRWXU │      0700     │ Read, write, execute/search by owner.        │
  ..
    │S_IRWXG │       070     │ Read, write, execute/search by group.        │
  ..
    │S_IRWXO │        07     │ Read, write, execute/search by others.       │

  
  Thus the resulting permissions are 0707. I don't recall seeing 0707 used intentionally before, it's only ever been a mistake by people using the symbolic forms rather than typing the desired octal directly.

  If mode 0707 is intentional, can I ask for a comment to be placed
  there to describe why these unusual permissions are expected?

  I propose replacing the modes with 0o666, 0o660, or 0o600, as
  appropriate. (The only mention of 'execute' in my unix(7) manpage is
  referring to the directory the socket is created in.)

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/oslo.metrics/+bug/1945533/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list