Mirrors/lgogdownloader
2
0
Fork 0
mirror of https://github.com/Sude-/lgogdownloader.git synced 2025-02-02 05:52:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add --respect-umask option to prevent adjusting permissions

Browse Source 
I would like to use LGOGDownloader in conjunction with Gentoo's
package manager, which may execute it as root, portage, or some other
user in the portage group. A shared configuration under /etc will be
used to avoid sandboxing issues. This will not be world readable.
This commit is contained in:
James Le Cuirot 2016-09-21 23:49:32 +01:00
parent 4ee63f7e87
commit e36552c6ed
No known key found for this signature in database
GPG Key ID: 21C632129C6D7DE4
3 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/config.h
View File

@ -48,6 +48,7 @@ class Config
bool bShowWishlist; bool bShowWishlist;
bool bAutomaticXMLCreation; bool bAutomaticXMLCreation;
bool bSaveChangelogs; bool bSaveChangelogs;
bool bRespectUmask;
std::string sGameRegex; std::string sGameRegex;
std::string sDirectory; std::string sDirectory;
std::string sCacheDirectory; std::string sCacheDirectory;

6
main.cpp
View File

@ -144,6 +144,7 @@ int main(int argc, char *argv[])
("login-api", bpo::value<bool>(&config.bLoginAPI)->zero_tokens()->default_value(false), "Login (API only)") ("login-api", bpo::value<bool>(&config.bLoginAPI)->zero_tokens()->default_value(false), "Login (API only)")
("login-website", bpo::value<bool>(&config.bLoginHTTP)->zero_tokens()->default_value(false), "Login (website only)") ("login-website", bpo::value<bool>(&config.bLoginHTTP)->zero_tokens()->default_value(false), "Login (website only)")
("cacert", bpo::value<std::string>(&config.sCACertPath)->default_value(""), "Path to CA certificate bundle in PEM format") ("cacert", bpo::value<std::string>(&config.sCACertPath)->default_value(""), "Path to CA certificate bundle in PEM format")
("respect-umask", bpo::value<bool>(&config.bRespectUmask)->zero_tokens()->default_value(false), "Do not adjust permissions of sensitive files")
; ;
// Commandline options (config file) // Commandline options (config file)
options_cli_cfg.add_options() options_cli_cfg.add_options()
@ -462,8 +463,11 @@ int main(int argc, char *argv[])
} }
// Make sure that config file and cookie file are only readable/writable by owner // Make sure that config file and cookie file are only readable/writable by owner
if (!config.bRespectUmask)
{
Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write); Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
}
if (config.bSaveConfig || iLoginResult == 1) if (config.bSaveConfig || iLoginResult == 1)
{ {
@ -520,6 +524,7 @@ int main(int argc, char *argv[])
} }
} }
ofs.close(); ofs.close();
if (!config.bRespectUmask)
Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
if (config.bSaveConfig) if (config.bSaveConfig)
return 0; return 0;
@ -541,6 +546,7 @@ int main(int argc, char *argv[])
ofs << "secret = " << config.sSecret << std::endl; ofs << "secret = " << config.sSecret << std::endl;
} }
ofs.close(); ofs.close();
if (!config.bRespectUmask)
Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write); Util::setFilePermissions(config.sConfigFilePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
return 0; return 0;
} }

1
src/downloader.cpp
View File

@ -55,6 +55,7 @@ Downloader::~Downloader()
curl_global_cleanup(); curl_global_cleanup();
ssl_thread_cleanup(); ssl_thread_cleanup();
// Make sure that cookie file is only readable/writable by owner // Make sure that cookie file is only readable/writable by owner
if (!config.bRespectUmask)
Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write); Util::setFilePermissions(config.sCookiePath, boost::filesystem::owner_read | boost::filesystem::owner_write);
} }