From cb2395b0bae76a76da3cc8cfea0f5302797ea090 Mon Sep 17 00:00:00 2001 From: Sude Date: Tue, 28 Oct 2014 21:03:02 +0200 Subject: [PATCH] Make config and cookie files only readable/writable by current user --- include/util.h | 2 ++ main.cpp | 6 ++++++ src/downloader.cpp | 2 ++ src/util.cpp | 20 ++++++++++++++++++++ 4 files changed, 30 insertions(+) diff --git a/include/util.h b/include/util.h index a027a80..158b6e8 100644 --- a/include/util.h +++ b/include/util.h @@ -16,6 +16,7 @@ #include #include #include +#include struct gameSpecificConfig { @@ -34,6 +35,7 @@ namespace Util int getGameSpecificConfig(std::string gamename, gameSpecificConfig* conf, std::string directory = std::string()); int replaceString(std::string& str, const std::string& to_replace, const std::string& replace_with); void filepathReplaceReservedStrings(std::string& str, const std::string& gamename, const unsigned int& platformId = 0, const std::string& dlcname = ""); + void setFilePermissions(const boost::filesystem::path& path, const boost::filesystem::perms& permissions); } #endif // UTIL_H diff --git a/main.cpp b/main.cpp index c752031..d32fe9e 100644 --- a/main.cpp +++ b/main.cpp @@ -416,6 +416,10 @@ int main(int argc, char *argv[]) return 1; } + // Make sure that config file and cookie file are only readable/writable by owner + Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); + Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write); + if (config.bSaveConfig || iLoginResult == 1) { if (iLoginResult == 1) @@ -472,6 +476,7 @@ int main(int argc, char *argv[]) } } ofs.close(); + Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); return 0; } else @@ -491,6 +496,7 @@ int main(int argc, char *argv[]) ofs << "secret = " << config.sSecret << std::endl; } ofs.close(); + Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); return 0; } else diff --git a/src/downloader.cpp b/src/downloader.cpp index 5f9f681..e7bcfdb 100644 --- a/src/downloader.cpp +++ b/src/downloader.cpp @@ -41,6 +41,8 @@ Downloader::~Downloader() delete gogAPI; curl_easy_cleanup(curlhandle); curl_global_cleanup(); + // Make sure that cookie file is only readable/writable by owner + Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write); } diff --git a/src/util.cpp b/src/util.cpp index 8d4ba1a..79bda05 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -314,3 +314,23 @@ void Util::filepathReplaceReservedStrings(std::string& str, const std::string& g while (Util::replaceString(str, "%platform%", platform)); while (Util::replaceString(str, "//", "/")); // Replace any double slashes with single slash } + +void Util::setFilePermissions(const boost::filesystem::path& path, const boost::filesystem::perms& permissions) +{ + if (boost::filesystem::exists(path)) + { + if (boost::filesystem::is_regular_file(path)) + { + boost::filesystem::file_status s = boost::filesystem::status(path); + if (s.permissions() != permissions) + { + boost::system::error_code ec; + boost::filesystem::permissions(path, permissions, ec); + if (ec) + { + std::cout << "Failed to set file permissions for " << path.string() << std::endl; + } + } + } + } +}