[almanah] core: Change permissions of diary.db to 0600
- From: Philip Withnall <pwithnall src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [almanah] core: Change permissions of diary.db to 0600
- Date: Tue, 29 Oct 2013 11:31:45 +0000 (UTC)
commit 0e00b6cb7265c0642d05566fb24a93c614145e9d
Author: Daniel Mustieles <daniel mustieles gmail com>
Date: Tue Oct 8 12:44:49 2013 +0200
core: Change permissions of diary.db to 0600
Add chmod() calls at various places in the StorageManager and import and
export code to change the permissions of files containing diary entries
(including the database, the encrypted database, database backups and
different formats of exported files) to be 0600.
src/export-operation.c | 36 ++++++++++++++++++++++++++++++---
src/storage-manager.c | 51 +++++++++++++++++++++++++++++++++++++++++------
2 files changed, 76 insertions(+), 11 deletions(-)
---
diff --git a/src/export-operation.c b/src/export-operation.c
index c001041..96e9be2 100644
--- a/src/export-operation.c
+++ b/src/export-operation.c
@@ -18,8 +18,10 @@
*/
#include <config.h>
+#include <errno.h>
#include <glib.h>
#include <glib/gi18n.h>
+#include <glib/gstdio.h>
#include <gtk/gtk.h>
#include "export-operation.h"
@@ -213,7 +215,7 @@ export_text_files (AlmanahExportOperation *self, GFile *destination, AlmanahExpo
almanah_storage_manager_iter_init (&iter);
while ((entry = almanah_storage_manager_get_entries (self->priv->storage_manager, &iter)) != NULL) {
GDate date;
- gchar *filename, *content;
+ gchar *filename, *content, *path;
GFile *file;
GtkTextIter start_iter, end_iter;
@@ -245,11 +247,26 @@ export_text_files (AlmanahExportOperation *self, GFile *destination, AlmanahExpo
break;
}
- /* Progress callback */
- progress_idle_callback (progress_callback, progress_user_data, &date);
+ g_free (content);
+
+ /* Ensure the file is only readable to the current user. */
+ path = g_file_get_path (file);
+ if (g_chmod (path, 0600) != 0) {
+ g_set_error (&child_error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ _("Error changing exported file permissions: %s"),
+ g_strerror (errno));
+
+ g_object_unref (file);
+ g_free (path);
+
+ break;
+ }
g_object_unref (file);
- g_free (content);
+ g_free (path);
+
+ /* Progress callback */
+ progress_idle_callback (progress_callback, progress_user_data, &date);
/* Clear the buffer. */
gtk_text_buffer_delete (buffer, &start_iter, &end_iter);
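Review bot: The new `g_chmod (path, 0600)` runs only after the entry's content has already been written to `file` a few lines above, so each exported file exists with umask-default permissions until that call; if the write uses g_file_replace_contents() or g_file_replace() (not visible here), passing `G_FILE_CREATE_PRIVATE` in its flags creates it 0600 from the start and this chmod becomes a backstop rather than the only guard. `g_file_get_path (file)` also returns NULL for a non-native destination (for example a GVFS location), and the new code then hands NULL to g_chmod(); treating a NULL path as a failure before the g_chmod() call, with its own message, makes that case explicit instead of surfacing a stale errno. export_text_files starts before and continues after this hunk.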
@@ -279,6 +296,7 @@ export_database (AlmanahExportOperation *self, GFile *destination, AlmanahExport
{
GFile *source;
gboolean success;
+ gchar *destination_path;
/* We ignore the progress callbacks, since this is a fairly fast operation, and it exports all the
entries at once. */
@@ -288,6 +306,16 @@ export_database (AlmanahExportOperation *self, GFile *destination, AlmanahExport
/* Copy the current database to that location */
success = g_file_copy (source, destination, G_FILE_COPY_OVERWRITE, cancellable, NULL, NULL, error);
+ /* Ensure the backup is only readable to the current user. */
+ destination_path = g_file_get_path (destination);
+ if (success == TRUE && g_chmod (destination_path, 0600) != 0) {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ _("Error changing exported file permissions: %s"),
+ g_strerror (errno));
+ success = FALSE;
+ }
+
+ g_free (destination_path);
g_object_unref (source);
return success;
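Review bot: `g_file_get_path (destination)` returns NULL when the export target is not a native file, and the new check then calls `g_chmod (NULL, 0600)` and reports whatever errno happens to hold; guarding with `if (success == TRUE && destination_path != NULL && g_chmod (destination_path, 0600) != 0)` and setting a dedicated error for the NULL case keeps the failure meaningful. As with the text export, the chmod happens after the copy has completed, so the copied database briefly carries umask-default permissions; g_file_copy() appears to copy the source mode unless G_FILE_COPY_TARGET_DEFAULT_PERMS is given, which would make the chmod a backstop once diary.db itself is 0600, but I cannot confirm that from this file. export_database's closing brace lies outside the hunk.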
diff --git a/src/storage-manager.c b/src/storage-manager.c
index d99dbed..adb5e9b 100644
--- a/src/storage-manager.c
+++ b/src/storage-manager.c
@@ -18,6 +18,7 @@
*/
#include <config.h>
+#include <errno.h>
#include <glib.h>
#include <glib/gi18n.h>
#include <glib/gstdio.h>
@@ -525,11 +526,12 @@ get_encryption_key (AlmanahStorageManager *self)
}
#endif /* ENABLE_ENCRYPTION */
-static void
-back_up_file (const gchar *filename)
+static gboolean
+back_up_file (const gchar *filename, GError **error)
{
GFile *original_file, *backup_file;
gchar *backup_filename;
+ gboolean retval = TRUE;
/* Make a backup of the encrypted database file */
original_file = g_file_new_for_path (filename);
@@ -537,10 +539,22 @@ back_up_file (const gchar *filename)
backup_file = g_file_new_for_path (backup_filename);
g_free (backup_filename);
- g_file_copy_async (original_file, backup_file, G_FILE_COPY_OVERWRITE, G_PRIORITY_DEFAULT, NULL, NULL,
NULL, NULL, NULL);
+ if (g_file_copy (original_file, backup_file, G_FILE_COPY_OVERWRITE, NULL, NULL, NULL, error) ==
FALSE) {
+ retval = FALSE;
+ }
+
+ /* Ensure the backup is only readable to the current user. */
+ if (g_chmod (backup_filename, 0600) != 0 && errno != ENOENT) {
+ g_set_error (error, ALMANAH_STORAGE_MANAGER_ERROR,
ALMANAH_STORAGE_MANAGER_ERROR_CREATING_CONTEXT,
+ _("Error changing database backup file permissions: %s"),
+ g_strerror (errno));
+ retval = FALSE;
+ }
g_object_unref (original_file);
g_object_unref (backup_file);
+
+ return retval;
}
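Review bot: `g_chmod (backup_filename, 0600)` uses `backup_filename` after it was freed by the context line `g_free (backup_filename);` above the copy, a use-after-free in the new code that will chmod an arbitrary string on the heap. Move the `g_free (backup_filename);` to just before `g_object_unref (original_file);`, after the chmod block. Also, when g_file_copy() has already set *error, a subsequent chmod failure calls g_set_error() on the same GError, which GLib rejects with a warning; reordering the condition as `if (g_chmod (backup_filename, 0600) != 0 && errno != ENOENT && retval == TRUE)` reports only the first failure. back_up_file's signature is in the previous hunk.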
gboolean
@@ -548,16 +562,27 @@ almanah_storage_manager_connect (AlmanahStorageManager *self, GError **error)
{
#ifdef ENABLE_ENCRYPTION
struct stat encrypted_db_stat, plaintext_db_stat;
+ GError *child_error = NULL;
g_stat (self->priv->filename, &encrypted_db_stat);
+ if (g_chmod (self->priv->filename, 0600) != 0 && errno != ENOENT) {
+ g_set_error (error, ALMANAH_STORAGE_MANAGER_ERROR,
ALMANAH_STORAGE_MANAGER_ERROR_CREATING_CONTEXT,
+ _("Error changing database file permissions: %s"),
+ g_strerror (errno));
+ return FALSE;
+ }
+
/* If we're decrypting, don't bother if the cipher file doesn't exist (i.e. the database hasn't yet
been created), or is empty
* (i.e. corrupt). */
if (g_file_test (self->priv->filename, G_FILE_TEST_IS_REGULAR) == TRUE && encrypted_db_stat.st_size >
0) {
- GError *child_error = NULL;
-
/* Make a backup of the encrypted database file */
- back_up_file (self->priv->filename);
+ back_up_file (self->priv->filename, &child_error);
+ if (child_error != NULL) {
+ /* Translators: the first parameter is a filename, the second is an error message. */
+ g_warning (_("Error backing up file ā%sā: %s"), self->priv->filename,
child_error->message);
+ g_clear_error (&child_error);
+ }
g_stat (self->priv->plain_filename, &plaintext_db_stat);
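Review bot: The new g_set_error() at the top of the hunk reports a chmod failure under `ALMANAH_STORAGE_MANAGER_ERROR_CREATING_CONTEXT`, a code whose name refers to the encryption context, so a caller matching on the code cannot tell a permissions failure from the setup failure it was meant for. A dedicated member of the error enum (declared outside this file, so I cannot see it), for example `ALMANAH_STORAGE_MANAGER_ERROR_CHANGING_PERMISSIONS`, would keep them distinguishable; the same reuse appears in the other new g_set_error() calls in this file. Separately, the pre-existing `g_stat` on the line above is unchecked, so `encrypted_db_stat.st_size` is read uninitialised when it fails. almanah_storage_manager_connect starts before and continues after this hunk.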
@@ -580,7 +605,12 @@ almanah_storage_manager_connect (AlmanahStorageManager *self, GError **error)
self->priv->decrypted = TRUE;
#else
/* Make a backup of the plaintext database file */
- back_up_file (self->priv->plain_filename);
+ back_up_file (self->priv->plain_filename, &child_error);
+ if (child_error != NULL) {
+ /* Translators: the first parameter is a filename, the second is an error message. */
+ g_warning (_("Error backing up file ā%sā: %s"), self->priv->plain_filename,
child_error->message);
+ g_clear_error (&child_error);
+ }
self->priv->decrypted = FALSE;
#endif /* ENABLE_ENCRYPTION */
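Review bot: `child_error` is used in this `#else` branch but, if this `#else` pairs with the `#ifdef ENABLE_ENCRYPTION` at the top of the function, its only declaration (`GError *child_error = NULL;`, added inside that `#ifdef` block) is compiled out, so a build without encryption will fail with an undeclared identifier. Move the `GError *child_error = NULL;` declaration out of the `#ifdef ENABLE_ENCRYPTION` block so both branches see it. almanah_storage_manager_connect continues outside this hunk.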
@@ -592,6 +622,13 @@ almanah_storage_manager_connect (AlmanahStorageManager *self, GError **error)
return FALSE;
}
+ if (g_chmod (self->priv->plain_filename, 0600) != 0 && errno != ENOENT) {
+ g_set_error (error, ALMANAH_STORAGE_MANAGER_ERROR,
ALMANAH_STORAGE_MANAGER_ERROR_CREATING_CONTEXT,
+ _("Error changing database file permissions: %s"),
+ g_strerror (errno));
+ return FALSE;
+ }
+
/* Can't hurt to create the tables now */
create_tables (self);
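Review bot: If the block ending just above this hunk opens the SQLite connection (its `return FALSE;` failure path suggests it does), the new early `return FALSE;` after a failed `g_chmod (self->priv->plain_filename, 0600)` leaves that connection open; close it before returning so a permissions failure does not leak the handle. The chmod also lands after the plaintext database has been decrypted or created by the preceding code, so any write there creates the file with umask-default permissions first; if that path uses g_file_replace_contents() or g_file_replace(), `G_FILE_CREATE_PRIVATE` in its flags would close the window, and a comment such as `/* Backstop: the decrypt path should already create this file 0600. */` would record the intent. almanah_storage_manager_connect continues after this hunk.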