Fix security permission on lttng run directory

Add execute flag for other (r+x) on the lttng run directory at
/var/run/lttng so instrumented application *not* in the tracing group
can register to the global session daemon running as root.

(refs #141)

Signed-off-by: David Goulet <dgoulet@efficios.com>

diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
index 93417bca04fe213276ed88189d07e11e72a404b3..f82f05e00b12d3521649ba6f6d2b9b0003c25c92 100644 (file)
--- a/src/bin/lttng-sessiond/main.c
+++ b/src/bin/lttng-sessiond/main.c
@@ -3996,7 +3996,7 @@ static int set_permissions(char *rundir)
        }
 
        /* Ensure tracing group can search the run dir */
        }
 
        /* Ensure tracing group can search the run dir */

-       ret = chmod(rundir, S_IRWXU | S_IXGRP);
+       ret = chmod(rundir, S_IRWXU | S_IXGRP | S_IXOTH);

        if (ret < 0) {
                ERR("Unable to set permissions on %s", rundir);
                perror("chmod");
        if (ret < 0) {
                ERR("Unable to set permissions on %s", rundir);
                perror("chmod");