Set 600 perm mode to all created files

When creating a data file, set permissions to read/write for the user.
master
Manos Pitsidianakis 2019-11-24 17:00:55 +02:00
parent 3e33335914
commit af365fa8d4
Signed by: Manos Pitsidianakis
GPG Key ID: 73627C2F690DF710
8 changed files with 95 additions and 34 deletions


@ -45,6 +45,7 @@ use std::fs;
use std::hash::{Hash, Hasher};
use std::io::{self, Read, Write};
use std::ops::{Deref, DerefMut};
use std::os::unix::fs::PermissionsExt;
use std::path::{Component, Path, PathBuf};
use std::result;
use std::sync::{Arc, Mutex};
@ -768,6 +769,12 @@ impl MaildirType {
panic!("{}", e);
}
};
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
let writer = io::BufWriter::new(f);
bincode::serialize_into(writer, &e).unwrap();
}
@ -860,6 +867,12 @@ impl MaildirType {
}
debug!("saving at {}", path.display());
let file = fs::File::create(path).unwrap();
let metadata = file.metadata()?;
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
file.set_permissions(permissions)?;
let mut writer = io::BufWriter::new(file);
writer.write_all(bytes).unwrap();
return Ok(());
@ -899,6 +912,11 @@ fn add_path_to_index(
panic!("{}", e);
}
};
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
let writer = io::BufWriter::new(f);
bincode::serialize_into(writer, &e).unwrap();
}
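Review bot: Each cache file is created by `fs::File::create` with the umask-derived mode and only narrowed to 0600 afterwards, so in all three hunks of this file there is a short interval in which the file exists with wider permissions. Passing the mode when the file is opened removes that interval for newly created files: `fs::OpenOptions::new().write(true).create(true).truncate(true).mode(0o600).open(path)` with `std::os::unix::fs::OpenOptionsExt` in scope, keeping `set_permissions` only to tighten files that already existed. The same four-line sequence is repeated in the MailView attachment write, `Drop for Account` and `create_temp_file` elsewhere in this commit, so a single helper would keep them consistent. In the second hunk the new lines use `?` while the neighbouring `File::create` and `write_all` still `unwrap()`; the enclosing functions start and end outside the hunks.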


@ -1,8 +1,6 @@
use super::*;
use crate::backends::FolderHash;
use std::collections::BTreeMap;
use std::fs;
use std::io;
use std::ops::{Deref, DerefMut};
use std::sync::{Arc, RwLock, RwLockReadGuard, RwLockWriteGuard};
@ -52,19 +50,21 @@ pub struct Collection {
impl Drop for Collection {
fn drop(&mut self) {
let cache_dir: xdg::BaseDirectories =
xdg::BaseDirectories::with_profile("meli", "threads".to_string()).unwrap();
if let Ok(cached) = cache_dir.place_cache_file("threads") {
/* place result in cache directory */
let f = match fs::File::create(cached) {
Ok(f) => f,
Err(e) => {
panic!("{}", e);
}
};
let writer = io::BufWriter::new(f);
bincode::serialize_into(writer, &self.threads).unwrap();
}
/*
let cache_dir: xdg::BaseDirectories =
xdg::BaseDirectories::with_profile("meli", "threads".to_string()).unwrap();
if let Ok(cached) = cache_dir.place_cache_file("threads") {
/* place result in cache directory */
let f = match fs::File::create(cached) {
Ok(f) => f,
Err(e) => {
panic!("{}", e);
}
};
let writer = io::BufWriter::new(f);
bincode::serialize_into(writer, &self.threads).unwrap();
}
*/
}
}
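Review bot: The body of `Drop for Collection` is disabled by wrapping it in `/* … */`, which stops the threads cache from being written at all, and neither the commit description nor a comment in the code says why. If the cache write is meant to go away, delete the block and the now-empty `impl Drop` rather than keeping dead code. If it is only disabled for now, put a one-line `// Disabled: <reason>` comment above the block so the next reader does not re-enable it without the 0600 handling the rest of this commit adds.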


@ -28,7 +28,6 @@
//!
use std::alloc::System;
use std::io::Write;
use std::path::{Path, PathBuf};
#[global_allocator]
@ -209,14 +208,7 @@ fn run_app() -> Result<()> {
if config_path.exists() {
return Err(MeliError::new(format!("File `{}` already exists.\nMaybe you meant to specify another path with --create-config=PATH", config_path.display())));
}
let mut file = std::fs::OpenOptions::new()
.write(true)
.create_new(true)
.open(config_path.as_path())
.map_err(|e| MeliError::new(format!("Could not create config file:\n{}", e)))?;
file.write_all(include_bytes!("../sample-config"))
.map_err(|e| MeliError::new(format!("Could not write to config file:\n{}", e)))?;
println!("Written example configuration to {}", config_path.display());
ui::conf::create_config_file(&config_path)?;
return Ok(());
}


@ -1096,6 +1096,12 @@ impl Component for MailView {
}
Ok(f) => f,
};
use std::os::unix::fs::PermissionsExt;
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
f.write_all(&decode(u, None)).unwrap();
f.flush().unwrap();


@ -51,7 +51,8 @@ use std::collections::HashMap;
use std::env;
use std::fs::{File, OpenOptions};
use std::io::{self, BufRead, Read, Write};
use std::path::PathBuf;
use std::os::unix::fs::PermissionsExt;
use std::path::{Path, PathBuf};
#[macro_export]
macro_rules! split_command {
@ -291,14 +292,7 @@ impl FileSettings {
match buffer.trim() {
"Y" | "y" | "yes" | "YES" | "Yes" => {
let mut file = OpenOptions::new()
.write(true)
.create_new(true)
.open(config_path.as_path())
.expect("Could not create config file.");
file.write_all(include_bytes!("../../sample-config"))
.expect("Could not write to config file.");
println!("Written config to {}", config_path.display());
create_config_file(&config_path)?;
return Err(MeliError::new(
"Edit the sample configuration and relaunch meli.",
));
@ -559,3 +553,20 @@ pub fn usage(name: &str) -> Option<SpecialUseMailbox> {
Some(SpecialUseMailbox::Normal)
}
}
pub fn create_config_file(p: &Path) -> Result<()> {
let mut file = OpenOptions::new()
.write(true)
.create_new(true)
.open(p)
.expect("Could not create config file.");
file.write_all(include_bytes!("../../sample-config"))
.expect("Could not write to config file.");
println!("Written example configuration to {}", p.display());
let metadata = file.metadata()?;
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
file.set_permissions(permissions)?;
Ok(())
}
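Review bot: `create_config_file` narrows the mode only after the sample configuration has been written, and it reports open and write failures with `expect`, so a caller that receives a `Result` can still be taken down by a panic; the `--create-config` call site this function replaces returned a `MeliError` in both cases. Setting the mode in the `OpenOptions` chain (this needs `std::os::unix::fs::OpenOptionsExt` in scope) means the file never exists with wider permissions, and `map_err` keeps the failures inside the `Result`. The error messages below are the ones the removed call site used.

```rust
pub fn create_config_file(p: &Path) -> Result<()> {
    let mut file = OpenOptions::new()
        .write(true)
        .create_new(true)
        .mode(0o600) // Owner read/write from the moment the file exists.
        .open(p)
        .map_err(|e| MeliError::new(format!("Could not create config file:\n{}", e)))?;
    file.write_all(include_bytes!("../../sample-config"))
        .map_err(|e| MeliError::new(format!("Could not write to config file:\n{}", e)))?;
    println!("Written example configuration to {}", p.display());
    Ok(())
}
```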


@ -44,6 +44,7 @@ use std::collections::VecDeque;
use std::fs;
use std::io;
use std::ops::{Index, IndexMut};
use std::os::unix::fs::PermissionsExt;
use std::result;
use std::sync::{Arc, RwLock};
@ -177,6 +178,11 @@ impl Drop for Account {
return;
}
};
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
let writer = io::BufWriter::new(f);
if let Err(err) = serde_json::to_writer(writer, &self.address_book) {
eprintln!("{}", err);
@ -192,6 +198,11 @@ impl Drop for Account {
return;
}
};
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
let writer = io::BufWriter::new(f);
if let Err(err) = bincode::serialize_into(writer, &self.folders) {
eprintln!("{}", err);
@ -254,6 +265,11 @@ impl Account {
let address_book = if let Ok(data) = data_dir.place_data_file("addressbook") {
if data.exists() {
let reader = io::BufReader::new(fs::File::open(data).unwrap());
let metadata = reader.get_ref().metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
reader.get_ref().set_permissions(permissions).unwrap();
let result: result::Result<AddressBook, _> = serde_json::from_reader(reader);
if let Ok(data_t) = result {
data_t
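Review bot: In both `Drop for Account` hunks the added `metadata()` and `set_permissions()` calls use `unwrap()`, while the code around them reports failures with `eprintln!` and returns; a panic inside `drop` that runs during unwinding aborts the process. Handle them the same way as the neighbouring errors, e.g. `if let Err(err) = f.set_permissions(permissions) { eprintln!("{}", err); return; }`. The third hunk has the same `unwrap()` on the address-book read path, where a chmod failure (for instance on a file the user can read but does not own) would now stop the account from loading; presumably logging and continuing is preferable there. All three enclosing blocks continue outside the hunks.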


@ -72,13 +72,25 @@ pub fn open_db() -> Result<Connection> {
let db_path = data_dir
.place_data_file("index.db")
.map_err(|e| MeliError::new(e.to_string()))?;
let mut set_mode = false;
if !db_path.exists() {
log(
format!("Creating index database in {}", db_path.display()),
melib::INFO,
);
set_mode = true;
}
let conn = Connection::open(db_path).map_err(|e| MeliError::new(e.to_string()))?;
let conn = Connection::open(&db_path).map_err(|e| MeliError::new(e.to_string()))?;
if set_mode {
use std::os::unix::fs::PermissionsExt;
let file = std::fs::File::open(&db_path)?;
let metadata = file.metadata()?;
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
file.set_permissions(permissions)?;
}
conn.execute_batch(
"CREATE TABLE IF NOT EXISTS envelopes (
id INTEGER PRIMARY KEY,
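Review bot: `set_mode` is only true when `index.db` did not exist before `Connection::open`, so a database created by an earlier version keeps whatever mode it had, unlike the other files in this commit, which are tightened on every write. Dropping the flag and running the `set_permissions` block unconditionally covers existing installs and also removes the dependence on the `db_path.exists()` check, which can be stale by the time the connection is opened. The database is still created with the umask-derived mode and narrowed afterwards; whether the SQLite binding in use lets the creation mode be set is not visible here. `open_db` continues past the end of the hunk.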


@ -23,6 +23,7 @@ use std;
use std::fs;
use std::fs::OpenOptions;
use std::io::{Read, Write};
use std::os::unix::fs::PermissionsExt;
use std::path::PathBuf;
use uuid::Uuid;
@ -92,6 +93,11 @@ pub fn create_temp_file(
};
let mut f = std::fs::File::create(path).unwrap();
let metadata = f.metadata().unwrap();
let mut permissions = metadata.permissions();
permissions.set_mode(0o600); // Read/write for owner only.
f.set_permissions(permissions).unwrap();
f.write_all(bytes).unwrap();
f.flush().unwrap();