From a77ecf9d81e54432979f11a12b414d529bb247e9 Mon Sep 17 00:00:00 2001
From: CaS <CaS@72102866-910b-0410-8b05-ffd578937521>
Date: Wed, 7 Nov 2001 14:29:58 +0000
Subject: [PATCH] Force defaults file to be accessible only to the user

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@11330 72102866-910b-0410-8b05-ffd578937521
---
 ChangeLog               |  5 +++++
 Source/NSUserDefaults.m | 28 ++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 19e573976..605203881 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2001-11-07  Richard Frith-Macdonald <rfm@gnu.org>
+
+	* Source/NSUserDefaults.m: force defaults data to be read/write
+	only to the user.  Supplied by Ludovic Marcotte
+
 Wed Nov  7 09:04:51 2001  Nicola Pero  <n.pero@mi.flashnet.it>
 
 	After this change you need the latest gnustep-make to compile.
diff --git a/Source/NSUserDefaults.m b/Source/NSUserDefaults.m
index 696be5f52..c58e6dbe9 100644
--- a/Source/NSUserDefaults.m
+++ b/Source/NSUserDefaults.m
@@ -43,6 +43,7 @@
 #include <Foundation/NSDistributedLock.h>
 #include <Foundation/NSRunLoop.h>
 #include <Foundation/NSBundle.h>
+#include <Foundation/NSValue.h>
 #include <base/GSLocale.h>
 
 /* Wait for access */
@@ -904,6 +905,9 @@ static NSString	*pathForUser(NSString *user)
   // Read the persistent data from the stored database
   if ([mgr fileExistsAtPath: _defaultsDatabase])
     {
+      unsigned long desired;
+      unsigned long attributes;
+
       newDict = [[NSMutableDictionaryClass allocWithZone: [self zone]]
         initWithContentsOfFile: _defaultsDatabase];
       if (newDict == nil)
@@ -912,6 +916,30 @@ static NSString	*pathForUser(NSString *user)
 	  NSLog(@"Unable to load defaults from '%@'", _defaultsDatabase);
 	  return NO;
 	}
+      
+      attributes = [[mgr fileAttributesAtPath: _defaultsDatabase
+	traverseLink: YES] filePosixPermissions];
+      // We enforce the permission mode 0600 on the defaults database
+#if	!(defined(S_IRUSR) && defined(S_IWUSR))
+      desired = 0600;
+#else
+      desired = (S_IRUSR|S_IWUSR);
+#endif
+      if (attributes != desired)
+	{
+	  NSMutableDictionary	*enforced_attributes;
+	  NSNumber		*permissions;
+	  
+	  enforced_attributes = [NSMutableDictionary dictionaryWithDictionary:
+	    [mgr fileAttributesAtPath: _defaultsDatabase traverseLink: YES]];
+
+	  permissions = [NSNumber numberWithUnsignedLong: desired];
+	  [enforced_attributes setObject: permissions
+				  forKey: NSFilePosixPermissions];
+
+	  [mgr changeFileAttributes: enforced_attributes 
+			     atPath: _defaultsDatabase];
+	}
     }
   else
     {