Make config and cookie files only readable/writable by current user

2025-02-02 05:52:31 +01:00 · 2014-10-28 21:03:02 +02:00 · 2014-10-28 21:03:02 +02:00 · cb2395b0ba
commit cb2395b0ba
parent bddde5b0da
4 changed files with 30 additions and 0 deletions
--- a/include/util.h
+++ b/include/util.h
@ -16,6 +16,7 @@
 #include <iostream>
 #include <sstream>
 #include <rhash.h>
+#include <boost/filesystem.hpp>

 struct gameSpecificConfig
 {
@ -34,6 +35,7 @@ namespace Util
    int getGameSpecificConfig(std::string gamename, gameSpecificConfig* conf, std::string directory = std::string());
    int replaceString(std::string& str, const std::string& to_replace, const std::string& replace_with);
    void filepathReplaceReservedStrings(std::string& str, const std::string& gamename, const unsigned int& platformId = 0, const std::string& dlcname = "");
+    void setFilePermissions(const boost::filesystem::path& path, const boost::filesystem::perms& permissions);
 }

 #endif // UTIL_H
--- a/main.cpp
+++ b/main.cpp
@ -416,6 +416,10 @@ int main(int argc, char *argv[])
            return 1;
    }

+    // Make sure that config file and cookie file are only readable/writable by owner
+    Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
+    Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
+
    if (config.bSaveConfig || iLoginResult == 1)
    {
        if (iLoginResult == 1)
@ -472,6 +476,7 @@ int main(int argc, char *argv[])
                }
            }
            ofs.close();
+            Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
            return 0;
        }
        else
@ -491,6 +496,7 @@ int main(int argc, char *argv[])
                ofs << "secret = " << config.sSecret << std::endl;
            }
            ofs.close();
+            Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
            return 0;
        }
        else
--- a/src/downloader.cpp
+++ b/src/downloader.cpp
@ -41,6 +41,8 @@ Downloader::~Downloader()
    delete gogAPI;
    curl_easy_cleanup(curlhandle);
    curl_global_cleanup();
+    // Make sure that cookie file is only readable/writable by owner
+    Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
 }


--- a/src/util.cpp
+++ b/src/util.cpp
@ -314,3 +314,23 @@ void Util::filepathReplaceReservedStrings(std::string& str, const std::string& g
    while (Util::replaceString(str, "%platform%", platform));
    while (Util::replaceString(str, "//", "/")); // Replace any double slashes with single slash
 }
+
+void Util::setFilePermissions(const boost::filesystem::path& path, const boost::filesystem::perms& permissions)
+{
+    if (boost::filesystem::exists(path))
+    {
+        if (boost::filesystem::is_regular_file(path))
+        {
+            boost::filesystem::file_status s = boost::filesystem::status(path);
+            if (s.permissions() != permissions)
+            {
+                boost::system::error_code ec;
+                boost::filesystem::permissions(path, permissions, ec);
+                if (ec)
+                {
+                    std::cout << "Failed to set file permissions for " << path.string() << std::endl;
+                }
+            }
+        }
+    }
+}