From f34b893bb9dfd5dd94c243613315a14a189e8b02 Mon Sep 17 00:00:00 2001
From: hurricane618 <hurricane618@hotmail.com>
Date: Mon, 13 Nov 2023 22:10:03 +0800
Subject: [PATCH] make unix socket file mode more safe

change unix socket file mode from 755 -> 600

Signed-off-by: hurricane618 <hurricane618@hotmail.com>
---
 observer_agent/grpc_comm/server.cpp      | 2 ++
 observer_agent/grpc_comm/server_demo.cpp | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/observer_agent/grpc_comm/server.cpp b/observer_agent/grpc_comm/server.cpp
index 69c8270..cced5c7 100644
--- a/observer_agent/grpc_comm/server.cpp
+++ b/observer_agent/grpc_comm/server.cpp
@@ -14,6 +14,7 @@
  * Description: secDetector grpc server
  */
 #include <grpcpp/grpcpp.h>
+#include <sys/stat.h>
 #include "comm_api.grpc.pb.h"
 
 using grpc::Server;
@@ -116,5 +117,6 @@ void RunServer() {
   builder.RegisterService(&service);
 
   std::unique_ptr<Server> server(builder.BuildAndStart());
+  chmod("/var/run/secDetector.sock", S_IRUSR | S_IWUSR);
   server->Wait();
 }
diff --git a/observer_agent/grpc_comm/server_demo.cpp b/observer_agent/grpc_comm/server_demo.cpp
index 5358620..c2b872f 100644
--- a/observer_agent/grpc_comm/server_demo.cpp
+++ b/observer_agent/grpc_comm/server_demo.cpp
@@ -14,6 +14,7 @@
  * Description: secDetector grpc server demo
  */
 #include <grpcpp/grpcpp.h>
+#include <sys/stat.h>
 #include "comm_api.grpc.pb.h"
 
 using grpc::Server;
@@ -116,6 +117,7 @@ void RunServer() {
     builder.RegisterService(&service);
 
     std::unique_ptr<Server> server(builder.BuildAndStart());
+    chmod("/var/run/secDetector.sock", S_IRUSR | S_IWUSR);
     server->Wait();
 }
 
-- 
Gitee