SimpleIPC fails in multi-user environment
Original Reporter info from Mantis: dezlov
-
Reporter name: Denis Kozlov
Original Reporter info from Mantis: dezlov
- Reporter name: Denis Kozlov
Description:
SimpleIPC only works when both server and client are operated by the same user.
On Unix platforms SimpleIPC uses pipes for communication. Pipes are created as files in "/tmp/" directory. When TSimpleIPCServer is started by user A a file for the pipe is created with default permissions rw-r--r-- (0644), meaning that only the owner gets to write to it. This presents a problem when TSimpleIPCClient is trying to connect to the server by request of user B. TSimpleIPCClient will try to open for writing the file for the pipe created by the server and the access will always be denied.
I suggest forcing read & write permission for everyone on the file for the pipe created by the server if TSimpleIPCServer.Global is True.
Steps to reproduce:
- Create and start TSimpleIPCServer via user A
- Create TSimpleIPCClient via user B
- Try to connect client to the server
Results in exception due to failure to access the file.
Additional information:
packages/fcl-process/src/unix/simpleipc.inc:
ORIGINAL CODE:
procedure TPipeServerComm.StartServer;
begin
If not FileExists(FFileName) then
If (fpmkFifo(FFileName,438)<>0) then
DoError(SErrFailedToCreatePipe,[FFileName]);
FStream:=TFileStream.Create(FFileName,fmOpenReadWrite+fmShareDenyNone);
end;
MODIFIED CODE:
procedure TPipeServerComm.StartServer;
const
ReadWriteAll = S_IRUSR or S_IWUSR or S_IRGRP or S_IWGRP or S_IROTH or S_IWOTH;
begin
If not FileExists(FFileName) then
If (fpmkFifo(FFileName,438)<>0) then
Owner.DoError(SErrFailedToCreatePipe,[FFileName]);
FStream:=TFileStream.Create(FFileName,fmOpenReadWrite+fmShareDenyNone);
if FOwner.Global then
if FpChmod(FFileName, ReadWriteAll) <> 0 then
raise EIPCError.Create('Unable to set global access permission for the server pipe');
end;
Mantis conversion info:
- Mantis ID: 20497
- Build: All Versions
- Platform: Linux/Unix
- Fixed in version: 3.0.0
- Fixed in revision: 19627 (#ab7a60a6)
- Monitored by: » dezlov (Denis Kozlov)
- Target version: 3.0.0