[evolution] Bug 581604 - Permissions on mail/local folders are too open

From: Chenthill Palanisamy <pchen src gnome org>
To: svn-commits-list gnome org
Cc:
Subject: [evolution] Bug 581604 - Permissions on mail/local folders are too open
Date: Fri, 29 Jan 2010 20:01:58 +0000 (UTC)
commit 1359e1e546de15f3df0b033f58f212414862b0a9
Author: Chenthill Palanisamy <pchenthill novell com>
Date:   Sat Jan 30 01:10:36 2010 +0530

     Bug 581604 -  Permissions on mail/local folders are too open

 mail/e-mail-migrate.c   |   20 ++++++++++----------
 mail/mail-tools.c       |    2 +-
 shell/e-shell-backend.c |    2 +-
 shell/e-shell-migrate.c |   45 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 57 insertions(+), 12 deletions(-)
---
diff --git a/mail/e-mail-migrate.c b/mail/e-mail-migrate.c
index 16cdead..939df9b 100644
--- a/mail/e-mail-migrate.c
+++ b/mail/e-mail-migrate.c
@@ -1455,7 +1455,7 @@ cp_r (const gchar *src, const gchar *dest, const gchar *pattern, gint mode)
 	struct stat st;
 	DIR *dir;
 
-	if (g_mkdir_with_parents (dest, 0777) == -1)
+	if (g_mkdir_with_parents (dest, 0700) == -1)
 		return FALSE;
 
 	if (!(dir = opendir (src)))
@@ -1579,7 +1579,7 @@ em_migrate_folder(EMMigrateSession *session, const gchar *dirname, const gchar *
 		slen = src->len;
 		dlen = dest->len;
 
-		if (g_mkdir_with_parents (dest->str, 0777) == -1 && errno != EEXIST) {
+		if (g_mkdir_with_parents (dest->str, 0700) == -1 && errno != EEXIST) {
 			g_set_error (
 				error, E_SHELL_MIGRATE_ERROR,
 				E_SHELL_MIGRATE_ERROR_FAILED,
@@ -2028,7 +2028,7 @@ em_migrate_pop_uid_caches_1_4 (const gchar *data_dir, GError **error)
 	g_free (cache_dir);
 
 	cache_dir = g_build_filename (data_dir, "pop", NULL);
-	if (g_mkdir_with_parents (cache_dir, 0777) == -1) {
+	if (g_mkdir_with_parents (cache_dir, 0700) == -1) {
 		g_set_error (
 			error, E_SHELL_MIGRATE_ERROR,
 			E_SHELL_MIGRATE_ERROR_FAILED,
@@ -2059,7 +2059,7 @@ em_migrate_pop_uid_caches_1_4 (const gchar *data_dir, GError **error)
 		/* strip the trailing '_' */
 		g_string_truncate (newpath, newpath->len - 1);
 
-		if (g_mkdir_with_parents (newpath->str, 0777) == -1
+		if (g_mkdir_with_parents (newpath->str, 0700) == -1
 		    || !cp(oldpath->str, (g_string_append(newpath, "/uid-cache"))->str, FALSE, CP_UNIQUE)) {
 			g_set_error (
 				error, E_SHELL_MIGRATE_ERROR,
@@ -2122,7 +2122,7 @@ em_migrate_folder_expand_state_1_4 (const gchar *data_dir, GError **error)
 
 	destpath = g_string_new (data_dir);
 	g_string_append (destpath, "/config");
-	if (g_mkdir_with_parents (destpath->str, 0777) == -1 || !(dir = opendir (srcpath->str))) {
+	if (g_mkdir_with_parents (destpath->str, 0700) == -1 || !(dir = opendir (srcpath->str))) {
 		g_string_free (destpath, TRUE);
 		g_string_free (srcpath, TRUE);
 		return TRUE;
@@ -2220,7 +2220,7 @@ em_migrate_folder_view_settings_1_4 (const gchar *data_dir, GError **error)
 
 	destpath = g_string_new (data_dir);
 	g_string_append (destpath, "/views");
-	if (g_mkdir_with_parents (destpath->str, 0777) == -1 || !(dir = opendir (srcpath->str))) {
+	if (g_mkdir_with_parents (destpath->str, 0700) == -1 || !(dir = opendir (srcpath->str))) {
 		g_string_free (destpath, TRUE);
 		g_string_free (srcpath, TRUE);
 		return TRUE;
@@ -2436,7 +2436,7 @@ em_migrate_imap_cmeta_1_4(const gchar *data_dir, GError **error)
 							       url->host?url->host:"");
 
 					dir = e_path_to_physical(base, path);
-					if (g_mkdir_with_parents(dir, 0777) == 0) {
+					if (g_mkdir_with_parents(dir, 0700) == 0) {
 						gchar *cmeta;
 						FILE *fp;
 
@@ -2531,7 +2531,7 @@ em_migrate_1_4 (const gchar *data_dir, xmlDocPtr filters, xmlDocPtr vfolders, GE
 
 	path = g_strdup_printf ("mbox:%s/.evolution/mail/local", g_get_home_dir ());
 	if (stat (path + 5, &st) == -1) {
-		if (errno != ENOENT || g_mkdir_with_parents (path + 5, 0777) == -1) {
+		if (errno != ENOENT || g_mkdir_with_parents (path + 5, 0700) == -1) {
 			g_set_error (
 				error, E_SHELL_MIGRATE_ERROR,
 				E_SHELL_MIGRATE_ERROR_FAILED,
@@ -2647,7 +2647,7 @@ emm_setup_initial(const gchar *data_dir)
 	d(printf("Setting up initial mail tree\n"));
 
 	base = g_build_filename(data_dir, "local", NULL);
-	if (g_mkdir_with_parents(base, 0777) == -1 && errno != EEXIST) {
+	if (g_mkdir_with_parents(base, 0700) == -1 && errno != EEXIST) {
 		g_free(base);
 		return FALSE;
 	}
@@ -3001,7 +3001,7 @@ e_mail_migrate (EShellBackend *shell_backend,
 	/* make sure ~/.evolution/mail exists */
 	data_dir = e_shell_backend_get_data_dir (shell_backend);
 	if (g_stat (data_dir, &st) == -1) {
-		if (errno != ENOENT || g_mkdir_with_parents (data_dir, 0777) == -1) {
+		if (errno != ENOENT || g_mkdir_with_parents (data_dir, 0700) == -1) {
 			g_set_error (
 				error, E_SHELL_MIGRATE_ERROR,
 				E_SHELL_MIGRATE_ERROR_FAILED,
diff --git a/mail/mail-tools.c b/mail/mail-tools.c
index 8259abd..9e268d8 100644
--- a/mail/mail-tools.c
+++ b/mail/mail-tools.c
@@ -119,7 +119,7 @@ mail_tool_get_local_movemail_path (const guchar *uri, CamelException *ex)
 	data_dir = mail_session_get_data_dir ();
 	path = g_build_filename (data_dir, "spool", NULL);
 
-	if (g_stat(path, &st) == -1 && g_mkdir_with_parents(path, 0777) == -1) {
+	if (g_stat(path, &st) == -1 && g_mkdir_with_parents(path, 0700) == -1) {
 		camel_exception_setv(ex, CAMEL_EXCEPTION_SYSTEM, _("Could not create spool directory `%s': %s"),
 				     path, g_strerror(errno));
 		g_free(path);
diff --git a/shell/e-shell-backend.c b/shell/e-shell-backend.c
index 79acf60..18ebe0f 100644
--- a/shell/e-shell-backend.c
+++ b/shell/e-shell-backend.c
@@ -162,7 +162,7 @@ shell_backend_get_config_dir (EShellBackend *shell_backend)
 
 		/* Create the user configuration directory for this backend,
 		 * which should also create the user data directory. */
-		if (g_mkdir_with_parents (config_dir, 0777) != 0)
+		if (g_mkdir_with_parents (config_dir, 0700) != 0)
 			g_critical (
 				"Cannot create directory %s: %s",
 				config_dir, g_strerror (errno));
diff --git a/shell/e-shell-migrate.c b/shell/e-shell-migrate.c
index 1186b79..6ed7bcc 100644
--- a/shell/e-shell-migrate.c
+++ b/shell/e-shell-migrate.c
@@ -194,6 +194,47 @@ fail:
 	return result;
 }
 
+static void
+change_dir_modes (const gchar *path)
+{
+	GDir *dir;
+	GError *err = NULL;
+	const char *file = NULL;
+
+	dir = g_dir_open (path, 0, &err);
+	if (err) {
+		g_warning ("Error opening directory %s: %s \n", path, err->message);
+		g_clear_error (&err);
+		return;
+	}
+
+	while ((file = g_dir_read_name (dir))) {
+		gchar *full_path = g_build_filename (path, file, NULL);
+
+		if (g_file_test (full_path, G_FILE_TEST_IS_DIR))
+			change_dir_modes (full_path);
+
+		g_free (full_path);
+	}
+
+	g_chmod (path, 0700);	
+	g_dir_close (dir);
+}
+
+static void
+fix_folder_permissions (const char *data_dir)
+{
+	struct stat sb;
+
+	if (g_stat (data_dir, &sb) == -1) {
+		g_warning ("error stat: %s \n", data_dir);
+		return;	
+	}
+
+	if (((guint32) sb.st_mode & 0777) != 0700)
+		change_dir_modes (data_dir);
+}
+
 gboolean
 e_shell_migrate_attempt (EShell *shell)
 {
@@ -221,6 +262,10 @@ e_shell_migrate_attempt (EShell *shell)
 
 	shell_migrate_get_version (shell, &major, &minor, &micro);
 
+	/* This sets the folder permissions to S_IRWXU if needed */
+	if (curr_major <= 2 && curr_minor <= 30)
+		fix_folder_permissions (e_get_user_data_dir ());
+
 	if (!(curr_major > major ||
 		(curr_major == major && curr_minor > minor) ||
 		(curr_major == major && curr_minor == minor && curr_micro > micro)))
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]