diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c index 5288b7fb3d4b9cdd4427a5f556b1e042289e6dd3..497645810494f67f5ece425c77c2c8a185e3ccce 100644 --- a/src/backend/access/transam/xlog.c +++ b/src/backend/access/transam/xlog.c @@ -3451,7 +3451,7 @@ ValidateXLOGDirectoryStructure(void) { ereport(LOG, (errmsg("creating missing WAL directory \"%s\"", path))); - if (mkdir(path, 0700) < 0) + if (mkdir(path, S_IRWXU) < 0) ereport(FATAL, (errmsg("could not create missing directory \"%s\": %m", path))); diff --git a/src/backend/commands/copy.c b/src/backend/commands/copy.c index 40632b0e1cdf788d43a59ad798e690b29956d06a..7b8bee8f30e62442176edfc02351753fac5523db 100644 --- a/src/backend/commands/copy.c +++ b/src/backend/commands/copy.c @@ -1269,7 +1269,7 @@ DoCopyTo(CopyState cstate) (errcode(ERRCODE_INVALID_NAME), errmsg("relative path not allowed for COPY to file"))); - oumask = umask((mode_t) 022); + oumask = umask(S_IWGRP | S_IWOTH); cstate->copy_file = AllocateFile(cstate->filename, PG_BINARY_W); umask(oumask); diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c index 5ba0f1ca9da6081a7bafb63ac14817f6f7df61ef..cd80c811a92963bcb9680538c41cd18b505a7d0d 100644 --- a/src/backend/commands/tablespace.c +++ b/src/backend/commands/tablespace.c @@ -552,7 +552,7 @@ create_tablespace_directories(const char *location, const Oid tablespaceoid) * Attempt to coerce target directory to safe permissions. If this fails, * it doesn't exist or has the wrong owner. */ - if (chmod(location, 0700) != 0) + if (chmod(location, S_IRWXU) != 0) { if (errno == ENOENT) ereport(ERROR, diff --git a/src/backend/libpq/be-fsstubs.c b/src/backend/libpq/be-fsstubs.c index ac6f56155f2c546280edbbdf2a56e1ab3db830bc..c74d829e1ac27544a80bd1fb1fbfde739e6a3412 100644 --- a/src/backend/libpq/be-fsstubs.c +++ b/src/backend/libpq/be-fsstubs.c @@ -399,7 +399,7 @@ lo_import_internal(text *filename, Oid lobjOid) * open the file to be read in */ text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf)); - fd = PathNameOpenFile(fnamebuf, O_RDONLY | PG_BINARY, 0666); + fd = PathNameOpenFile(fnamebuf, O_RDONLY | PG_BINARY, S_IRWXU); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -474,8 +474,9 @@ lo_export(PG_FUNCTION_ARGS) * world-writable export files doesn't seem wise. */ text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf)); - oumask = umask((mode_t) 0022); - fd = PathNameOpenFile(fnamebuf, O_CREAT | O_WRONLY | O_TRUNC | PG_BINARY, 0666); + oumask = umask(S_IWGRP | S_IWOTH); + fd = PathNameOpenFile(fnamebuf, O_CREAT | O_WRONLY | O_TRUNC | PG_BINARY, + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); umask(oumask); if (fd < 0) ereport(ERROR, diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c index 65278b510dddbbad9201264cb446bcd14ca1257f..90854f44d79a12e7997fffd3c2d8fdc6cf89463f 100644 --- a/src/backend/postmaster/postmaster.c +++ b/src/backend/postmaster/postmaster.c @@ -494,7 +494,7 @@ PostmasterMain(int argc, char *argv[]) /* * for security, no dir or file created can be group or other accessible */ - umask((mode_t) 0077); + umask(S_IRWXG | S_IRWXO); /* * Fire up essential subsystems: memory management @@ -1274,7 +1274,7 @@ pmdaemonize(void) progname, DEVNULL, strerror(errno)); ExitPostmaster(1); } - pmlog = open(pmlogname, O_CREAT | O_WRONLY | O_APPEND, 0600); + pmlog = open(pmlogname, O_CREAT | O_WRONLY | O_APPEND, S_IRUSR | S_IWUSR); if (pmlog < 0) { write_stderr("%s: could not open log file \"%s/%s\": %s\n", diff --git a/src/backend/postmaster/syslogger.c b/src/backend/postmaster/syslogger.c index 00ab343d7de041ac3c31d3d2e55c85c4552dfe68..7541f88cc32adaca8b834574f81bc438e600b3b0 100644 --- a/src/backend/postmaster/syslogger.c +++ b/src/backend/postmaster/syslogger.c @@ -73,7 +73,7 @@ int Log_RotationSize = 10 * 1024; char *Log_directory = NULL; char *Log_filename = NULL; bool Log_truncate_on_rotation = false; -int Log_file_mode = 0600; +int Log_file_mode = S_IRUSR | S_IWUSR; /* * Globally visible state (used by elog.c) @@ -511,7 +511,7 @@ SysLogger_Start(void) /* * Create log directory if not present; ignore errors */ - mkdir(Log_directory, 0700); + mkdir(Log_directory, S_IRWXU); /* * The initial logfile is created right in the postmaster, to verify that @@ -1020,7 +1020,7 @@ logfile_open(const char *filename, const char *mode, bool allow_errors) * Note we do not let Log_file_mode disable IWUSR, since we certainly * want to be able to write the files ourselves. */ - oumask = umask((mode_t) ((~(Log_file_mode | S_IWUSR)) & 0777)); + oumask = umask((mode_t) ((~(Log_file_mode | S_IWUSR)) & (S_IRWXU | S_IRWXG | S_IRWXO))); fh = fopen(filename, mode); umask(oumask); diff --git a/src/backend/storage/file/copydir.c b/src/backend/storage/file/copydir.c index 4a10563ef83a99e9f0a47a27137d84d92fdbf166..f7dc509b500a47e3e275efec55c8bd97a173f4de 100644 --- a/src/backend/storage/file/copydir.c +++ b/src/backend/storage/file/copydir.c @@ -56,7 +56,7 @@ copydir(char *fromdir, char *todir, bool recurse) char fromfile[MAXPGPATH]; char tofile[MAXPGPATH]; - if (mkdir(todir, S_IRUSR | S_IWUSR | S_IXUSR) != 0) + if (mkdir(todir, S_IRWXU) != 0) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", todir))); diff --git a/src/backend/storage/ipc/ipc.c b/src/backend/storage/ipc/ipc.c index 9d15d11e636fa14c8052d07e8fbc429dff6652e4..27b46954e075f3c23a60044f2f00027f3d5fdfe8 100644 --- a/src/backend/storage/ipc/ipc.c +++ b/src/backend/storage/ipc/ipc.c @@ -126,8 +126,8 @@ proc_exit(int code) else snprintf(gprofDirName, 32, "gprof/%d", (int) getpid()); - mkdir("gprof", 0777); - mkdir(gprofDirName, 0777); + mkdir("gprof", S_IRWXU | S_IRWXG | S_IRWXO); + mkdir(gprofDirName, S_IRWXU | S_IRWXG | S_IRWXO); chdir(gprofDirName); } #endif diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c index 71c6324a3bed5ca801ea80d054d2aeaca7c4e4d3..19033ed54a555d070b55685b55ea48216570b774 100644 --- a/src/bin/initdb/initdb.c +++ b/src/bin/initdb/initdb.c @@ -870,7 +870,7 @@ mkdatadir(const char *subdir) else strcpy(path, pg_data); - if (mkdir_p(path, 0700) == 0) + if (mkdir_p(path, S_IRWXU) == 0) return true; fprintf(stderr, _("%s: could not create directory \"%s\": %s\n"), @@ -1166,7 +1166,7 @@ setup_config(void) snprintf(path, sizeof(path), "%s/postgresql.conf", pg_data); writefile(path, conflines); - chmod(path, 0600); + chmod(path, S_IRUSR | S_IWUSR); free(conflines); @@ -1237,7 +1237,7 @@ setup_config(void) snprintf(path, sizeof(path), "%s/pg_hba.conf", pg_data); writefile(path, conflines); - chmod(path, 0600); + chmod(path, S_IRUSR | S_IWUSR); free(conflines); @@ -1248,7 +1248,7 @@ setup_config(void) snprintf(path, sizeof(path), "%s/pg_ident.conf", pg_data); writefile(path, conflines); - chmod(path, 0600); + chmod(path, S_IRUSR | S_IWUSR); free(conflines); @@ -2904,7 +2904,7 @@ main(int argc, char *argv[]) printf("\n"); - umask(077); + umask(S_IRWXG | S_IRWXO); /* * now we are starting to do real work, trap signals so we can clean up @@ -2951,7 +2951,7 @@ main(int argc, char *argv[]) pg_data); fflush(stdout); - if (chmod(pg_data, 0700) != 0) + if (chmod(pg_data, S_IRWXU) != 0) { fprintf(stderr, _("%s: could not change permissions of directory \"%s\": %s\n"), progname, pg_data, strerror(errno)); @@ -3004,7 +3004,7 @@ main(int argc, char *argv[]) xlog_dir); fflush(stdout); - if (mkdir_p(xlog_dir, 0700) != 0) + if (mkdir_p(xlog_dir, S_IRWXU) != 0) { fprintf(stderr, _("%s: could not create directory \"%s\": %s\n"), progname, xlog_dir, strerror(errno)); @@ -3021,7 +3021,7 @@ main(int argc, char *argv[]) xlog_dir); fflush(stdout); - if (chmod(xlog_dir, 0700) != 0) + if (chmod(xlog_dir, S_IRWXU) != 0) { fprintf(stderr, _("%s: could not change permissions of directory \"%s\": %s\n"), progname, xlog_dir, strerror(errno)); diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c index 3cf2afcc27fd8b98afa23b85c8cc2ffebf6b0468..c5f855e063fe90fa7fc4abd48c1905bd46019367 100644 --- a/src/bin/pg_ctl/pg_ctl.c +++ b/src/bin/pg_ctl/pg_ctl.c @@ -1769,7 +1769,7 @@ main(int argc, char **argv) */ argv0 = argv[0]; - umask(077); + umask(S_IRWXG | S_IRWXO); /* support --help and --version even if invoked as root */ if (argc > 1)