On Thu, Apr 10, 2014 at 3:57 PM, David Herrmann <dh.herrmann@xxxxxxxxx> wrote: > Hi > > On Thu, Apr 10, 2014 at 11:16 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote: >> Would it make sense for the initial mode on a memfd inode to be 000? >> Anyone who finds this to be problematic could use fchmod to fix it. > > memfd_create() should be subject to umask() just like anything else. > That should solve any possible race here, right? Yes, but how many people will actually think about umask when doing things that don't really look like creating files? /proc/pid/fd is a really weird corner case in which the mode of an inode that doesn't have a name matters. I suspect that almost no one will ever want to open one of these things out of /proc/self/fd, and those who do should be made to think about it. It also avoids odd screwups where things are secure until someone runs them with umask 000. --Andy -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>