fix: restore umask on Unix socket creation failure #60

Draft
toddr-bot wants to merge 1 commit into main from koan.toddr.bot/fix-umask-leak

@toddr-bot

What

Fix umask leak in Bind() when Unix socket creation fails.

Why

If IO::Socket::UNIX->new() fails, Fatal() dies before umask $old_umask executes.
Any caller catching the die via eval {} would continue running with umask 0, causing
subsequently created files to be world-readable/writable — a potential security issue.

How

Restore umask immediately after the socket creation attempt, then check for failure
and call Fatal() separately. The umask is always restored regardless of success or failure.

Testing

Full test suite passes. The Unix socket failure path is difficult to test in isolation
(requires simulating IO::Socket::UNIX failure), but the fix is a straightforward
reordering with no behavioral change on the success path.

🤖 Generated with Claude Code

If IO::Socket::UNIX->new() failed in Bind(), Fatal() would die before
umask was restored from 0 to its original value. Any code catching the
die (via eval) would continue with umask 0, making subsequently created
files world-readable/writable.

Fix: restore umask immediately after socket creation attempt, then check
for failure separately.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
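
The ordering problem described in this pull request, shown as an added Perl example that is not the project's code or part of the pull request. `bind_leaky`, `bind_fixed`, `umask_after` and the socket path are hypothetical names, and the failure is constructed by binding under a directory that does not exist.

```perl
#!/usr/bin/perl
# Added illustration; bind_leaky/bind_fixed are hypothetical stand-ins for Bind().
use strict;
use warnings;
use IO::Socket::UNIX;
use Socket qw(SOCK_STREAM);

# Constructed failure case: the parent directory does not exist, so bind() fails.
my $bad_path = "/nonexistent-dir-$$/test.sock";

# "Before" ordering: the die fires while the process umask is still 0.
sub bind_leaky {
    my ($path) = @_;
    my $old_umask = umask 0;
    my $sock = IO::Socket::UNIX->new(Local => $path, Type => SOCK_STREAM, Listen => 1)
        or die "cannot bind $path: $!\n";
    umask $old_umask;    # never reached when socket creation fails
    return $sock;
}

# "After" ordering: restore the umask first, then check for failure.
sub bind_fixed {
    my ($path) = @_;
    my $old_umask = umask 0;
    my $sock = IO::Socket::UNIX->new(Local => $path, Type => SOCK_STREAM, Listen => 1);
    my $err = $!;        # save errno before any further system call
    umask $old_umask;    # runs on both the success and the failure path
    die "cannot bind $path: $err\n" unless $sock;
    return $sock;
}

# Act as a caller that traps the die with eval, then report the umask left behind.
sub umask_after {
    my ($binder) = @_;
    umask 0022;                        # known starting point
    eval { $binder->($bad_path); 1 };  # failure is caught, execution continues
    my $left = umask;                  # umask with no argument reads the current value
    umask 0022;                        # reset for the next run
    return $left;
}

printf "leaky: umask after caught failure = %04o\n", umask_after(\&bind_leaky);
printf "fixed: umask after caught failure = %04o\n", umask_after(\&bind_fixed);
```

Because the umask is process-wide state, a check like `umask_after` can also serve as a regression test for the failure path without mocking `IO::Socket::UNIX`.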