|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #71223 Unix socket permissions are not always correct
Submitted: 2015-12-26 01:16 UTC Modified: 2017-01-09 05:43 UTC
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: gmoniker at gmail dot com Assigned:
Status: Wont fix Package: FPM related
PHP Version: 5.6.16 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
Solve the problem:
14 + 49 = ?
Subscribe to this entry?

 [2015-12-26 01:16 UTC] gmoniker at gmail dot com
The listen.mode setting of a worker pool allows to set the basic Unix permission bits. If you set it to 440 it should have rw-rw---- for example.

The way it is set up in fpm_unix.c is to set an inverted umask and then create the socket with that umask.

This works on filesystems with only basic permissions. However if you install on a filesystem with Posix ACL, then the default mask for the parent directory may interfere with this, and the socket file gets the wrong permission bits, possibly missing a necessary write permission.


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2015-12-26 01:18 UTC] gmoniker at gmail dot com
Where I say 440 in the bug report it should be 660 obviously.
 [2015-12-26 01:40 UTC] gmoniker at gmail dot com
Pull request made for 5.6.17:
 Explicitly set the Unix socket permission bits #1697
 [2017-01-09 05:43 UTC]
-Status: Open +Status: Wont fix
 [2017-01-09 05:43 UTC]
The pull request on github was closed because 5.6 is in security fix only release cycle.

Please open a clean PR against a supported branch.
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Thu Jan 20 01:03:34 2022 UTC