You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This hack was originally added in moby/moby@24c73ce,
but was scarce on information, and this code was cause for some confusion.
net.Listen does not allow for permissions to be set. As a result, when
specifying custom permissions ("WithChmod()"), there is a short time
between creating the socket and applying the permissions, during which
the socket permissions are Less restrictive than desired.
To work around this limitation of net.Listen(), we temporarily set the
umask to 0777, which forces the socket to be created with 000 permissions
(i.e.: no access for anyone). After that, WithChmod() must be used to set
the desired permissions.
This patch also removes the use of `defer` here, so that we can reset the
umask to its original value as soon as possible. Ideally we'd be able to
detect if WithChmod() was passed as an option, and skip changing umask if
default permissions are used.
Signed-off-by: Sebastiaan van Stijn <[email protected]>
0 commit comments