From 33b75b4255141d706a6b9d9e02f8298780626964 Mon Sep 17 00:00:00 2001 From: Tristan Date: Mon, 4 Mar 2024 23:30:07 +0000 Subject: [PATCH] PR comments - Set default socket mode to current umask --- pkg/http/server.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/http/server.go b/pkg/http/server.go index 14bb064e9c..8041d697b4 100644 --- a/pkg/http/server.go +++ b/pkg/http/server.go @@ -10,6 +10,7 @@ import ( "os" "strconv" "strings" + "syscall" "time" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options" @@ -97,7 +98,12 @@ func setupUnixSocketListener(networkType string, address string) (net.Listener, } socketPath := socketOpts[0] - socketMode := os.FileMode(0o644) + + // must set umask to find out the previous value, so we set-store-reset it + currentUmask := syscall.Umask(0o777) + syscall.Umask(currentUmask) + socketMode := os.FileMode(currentUmask) + for _, socketOpt := range socketOpts[1:] { socketOpt := strings.SplitN(socketOpt, "=", 2) if len(socketOpt) != 2 {