gnustep/libs-base
0
0
Fork 0
mirror of https://github.com/gnustep/libs-base.git synced 2025-05-31 16:50:58 +00:00
Code Issues Projects Releases Packages Wiki Activity

Force defaults file to be accessible only to the user

Browse source 
git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@11330 72102866-910b-0410-8b05-ffd578937521
This commit is contained in:
CaS 2001-11-07 14:29:58 +00:00
parent a189803d0a
commit a77ecf9d81
2 changed files with 33 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -1,3 +1,8 @@
2001-11-07 Richard Frith-Macdonald <rfm@gnu.org>
* Source/NSUserDefaults.m: force defaults data to be read/write
only to the user. Supplied by Ludovic Marcotte
Wed Nov 7 09:04:51 2001 Nicola Pero <n.pero@mi.flashnet.it> Wed Nov 7 09:04:51 2001 Nicola Pero <n.pero@mi.flashnet.it>
After this change you need the latest gnustep-make to compile. After this change you need the latest gnustep-make to compile.

28
Source/NSUserDefaults.m
View file

@ -43,6 +43,7 @@
#include <Foundation/NSDistributedLock.h> #include <Foundation/NSDistributedLock.h>
#include <Foundation/NSRunLoop.h> #include <Foundation/NSRunLoop.h>
#include <Foundation/NSBundle.h> #include <Foundation/NSBundle.h>
#include <Foundation/NSValue.h>
#include <base/GSLocale.h> #include <base/GSLocale.h>
/* Wait for access */ /* Wait for access */
@ -904,6 +905,9 @@ static NSString *pathForUser(NSString *user)
// Read the persistent data from the stored database // Read the persistent data from the stored database
if ([mgr fileExistsAtPath: _defaultsDatabase]) if ([mgr fileExistsAtPath: _defaultsDatabase])
{ {
unsigned long desired;
unsigned long attributes;
newDict = [[NSMutableDictionaryClass allocWithZone: [self zone]] newDict = [[NSMutableDictionaryClass allocWithZone: [self zone]]
initWithContentsOfFile: _defaultsDatabase]; initWithContentsOfFile: _defaultsDatabase];
if (newDict == nil) if (newDict == nil)
@ -912,6 +916,30 @@ static NSString *pathForUser(NSString *user)
NSLog(@"Unable to load defaults from '%@'", _defaultsDatabase); NSLog(@"Unable to load defaults from '%@'", _defaultsDatabase);
return NO; return NO;
} }
attributes = [[mgr fileAttributesAtPath: _defaultsDatabase
traverseLink: YES] filePosixPermissions];
// We enforce the permission mode 0600 on the defaults database
#if !(defined(S_IRUSR) && defined(S_IWUSR))
desired = 0600;
#else
desired = (S_IRUSR|S_IWUSR);
#endif
if (attributes != desired)
{
NSMutableDictionary *enforced_attributes;
NSNumber *permissions;
enforced_attributes = [NSMutableDictionary dictionaryWithDictionary:
[mgr fileAttributesAtPath: _defaultsDatabase traverseLink: YES]];
permissions = [NSNumber numberWithUnsignedLong: desired];
[enforced_attributes setObject: permissions
forKey: NSFilePosixPermissions];
[mgr changeFileAttributes: enforced_attributes
atPath: _defaultsDatabase];
}
} }
else else
{ {