From b0a21ecb5e02be2556b186e1cb5bf85beaf79d7d Mon Sep 17 00:00:00 2001
From: Mostafa <32613517+idleroamer@users.noreply.github.com>
Date: Tue, 19 Jan 2021 00:29:44 +0100
Subject: Make dlt pipe only readable by user (#285)

security-wise dlt pip(FIFO) should be exclusively readable only by owner not the dlt group
to prevent eavesdropping by clients

Signed-off-by: Mostafa Emami <mustafaemami@gmail.com>
---
 src/daemon/dlt-daemon.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c
index 86b88e0..d26de79 100644
--- a/src/daemon/dlt-daemon.c
+++ b/src/daemon/dlt-daemon.c
@@ -1316,7 +1316,7 @@ static int dlt_daemon_init_fifo(DltDaemonLocal *daemon_local)
     const char *tmpFifo = daemon_local->flags.daemonFifoName;
     unlink(tmpFifo);
 
-    ret = mkfifo(tmpFifo, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+    ret = mkfifo(tmpFifo, S_IRUSR | S_IWUSR | S_IWGRP);
 
     if (ret == -1) {
         dlt_vlog(LOG_WARNING, "FIFO user %s cannot be created (%s)!\n",
-- 
cgit v1.2.1