ext/apache2/SpawnManager.h in passenger-2.1.2 vs ext/apache2/SpawnManager.h in passenger-2.1.3
- old
+ new
@@ -324,9 +324,15 @@
pid_t pid = atoi(args[0]);
UPDATE_TRACE_POINT();
if (args[2] == "unix") {
+ /* Set tighter permissions on the spawned backend process's
+ * Unix socket. We try to make it only readable and writable
+ * by the process that contains the application pool, because
+ * all attempts to connect to a backend process happens
+ * through the application pool.
+ */
int ret;
do {
ret = chmod(args[1].c_str(), S_IRUSR | S_IWUSR);
} while (ret == -1 && errno == EINTR);
do {