From c996c8ff49d040628dfd75e07d586d51938099ef Mon Sep 17 00:00:00 2001
From: Pankaj Garg <pankaj@solana.com>
Date: Tue, 3 Dec 2019 14:29:37 -0800
Subject: [PATCH] Protect sys-tuner socket access at create (#7230)

automerge
---
 Cargo.lock            | 1 +
 sys-tuner/Cargo.toml  | 1 +
 sys-tuner/src/main.rs | 1 +
 3 files changed, 3 insertions(+)

diff --git a/Cargo.lock b/Cargo.lock
index b5d4faeff..701860555 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3978,6 +3978,7 @@ name = "solana-sys-tuner"
 version = "0.22.0"
 dependencies = [
  "clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
  "nix 0.16.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/sys-tuner/Cargo.toml b/sys-tuner/Cargo.toml
index 80675dd18..39b48b730 100644
--- a/sys-tuner/Cargo.toml
+++ b/sys-tuner/Cargo.toml
@@ -12,6 +12,7 @@ publish = true
 [dependencies]
 clap = "2.33.0"
 log = "0.4.8"
+libc = "0.2.66"
 semver = "0.9.0"
 solana-logger = { path = "../logger", version = "0.22.0" }
 
diff --git a/sys-tuner/src/main.rs b/sys-tuner/src/main.rs
index 374e76be2..7e32bf5d0 100644
--- a/sys-tuner/src/main.rs
+++ b/sys-tuner/src/main.rs
@@ -56,6 +56,7 @@ fn tune_system() {
 #[cfg(unix)]
 fn main() {
     solana_logger::setup();
+    unsafe { libc::umask(0o077) };
     if let Err(e) = std::fs::remove_file(solana_sys_tuner::SOLANA_SYS_TUNER_PATH) {
         if e.kind() != std::io::ErrorKind::NotFound {
             panic!("Failed to remove stale socket file: {:?}", e)