wpa_supplicant: Fix ctrl_interface group permissions to allow read/execute

When using umask 0077, the control interface directory was left without
group read/execute permissions even if the configuration file explicitly
asked for the group to be allowed to access the control interface. Fix
this by adding read/execute permissions for group if a specific group is
defined in the configuration. [Bug 199]

diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c
index 8c45bd6..2a62713 100644 (file)
--- a/wpa_supplicant/ctrl_iface_unix.c
+++ b/wpa_supplicant/ctrl_iface_unix.c
@@ -332,6 +332,14 @@ wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s)
                goto fail;
        }
 
+       /* Make sure the group can enter and read the directory */
+       if (gid_set &&
+           chmod(dir, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP) < 0) {
+               wpa_printf(MSG_ERROR, "CTRL: chmod[ctrl_interface]: %s",
+                          strerror(errno));
+               goto fail;
+       }
+
        if (os_strlen(dir) + 1 + os_strlen(wpa_s->ifname) >=
            sizeof(addr.sun_path)) {
                wpa_printf(MSG_ERROR, "ctrl_iface path limit exceeded");