Commit b8d8277ae0 for strongswan.org

commit b8d8277ae07608c50793ed784c72662cc1d45740
Author: Tobias Brunner <tobias@strongswan.org>
Date:   Thu Jan 15 15:14:32 2026 +0100

    stream-service-unix: Remove unnecessary execute permission from sockets

    References strongswan/strongswan#2983

diff --git a/src/libstrongswan/networking/streams/stream_service_unix.c b/src/libstrongswan/networking/streams/stream_service_unix.c
index 43c05e376f..c1d8f57c82 100644
--- a/src/libstrongswan/networking/streams/stream_service_unix.c
+++ b/src/libstrongswan/networking/streams/stream_service_unix.c
@@ -52,7 +52,7 @@ stream_service_t *stream_service_create_unix(char *uri, int backlog)
 	}
 	unlink(addr.sun_path);

-	old = umask(S_IRWXO);
+	old = umask(S_IXUSR | S_IXGRP | S_IRWXO);
 	if (bind(fd, (struct sockaddr*)&addr, len) < 0)
 	{
 		DBG1(DBG_NET, "binding socket '%s' failed: %s", uri, strerror(errno));