From c0a2b55efd2b4bd23d2332f13ceb8e075318d64e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joan=20Bruguera=20Mic=C3=B3?= Date: Sat, 28 Dec 2024 12:05:58 +0000 Subject: [PATCH] Create new base directories with mode 0700 If base directories (e.g. $HOME/.config/fish) need to be created, create them with mode 0700 (i.e. restricted to the owner). This both keeps the behavior of old fish versions (e.g. 3.7.1) and is compliant with the XDG Base Directory Specification. See: https://specifications.freedesktop.org/basedir-spec/0.8/#referencing --- src/path.rs | 11 ++++++++++- tests/checks/create-base-directories.fish | 16 ++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 tests/checks/create-base-directories.fish diff --git a/src/path.rs b/src/path.rs index c8ad89458..b9185680f 100644 --- a/src/path.rs +++ b/src/path.rs @@ -667,7 +667,7 @@ fn make_base_directory(xdg_var: &wstr, non_xdg_homepath: &wstr) -> BaseDirectory let mut remoteness = DirRemoteness::unknown; if path.is_empty() { err = ENOENT; - } else if let Err(io_error) = std::fs::create_dir_all(wcs2osstring(&path)) { + } else if let Err(io_error) = create_dir_all_with_mode(wcs2osstring(&path), 0o700) { err = io_error.raw_os_error().unwrap_or_default(); } else { err = 0; @@ -685,6 +685,15 @@ fn make_base_directory(xdg_var: &wstr, non_xdg_homepath: &wstr) -> BaseDirectory } } +// Like std::fs::create_dir_all, but new directories are created using the given mode (e.g. 0o700). +fn create_dir_all_with_mode>(path: P, mode: u32) -> std::io::Result<()> { + use std::os::unix::fs::DirBuilderExt; + std::fs::DirBuilder::new() + .recursive(true) + .mode(mode) + .create(path.as_ref()) +} + /// Return whether the given path is on a remote filesystem. fn path_remoteness(path: &wstr) -> DirRemoteness { let narrow = wcs2zstring(path); diff --git a/tests/checks/create-base-directories.fish b/tests/checks/create-base-directories.fish new file mode 100644 index 000000000..1dc97891d --- /dev/null +++ b/tests/checks/create-base-directories.fish @@ -0,0 +1,16 @@ +#RUN: %fish -C 'set -l fish %fish' %s + +# Set a XDG_CONFIG_HOME with both pre-existing and non-existing directories. +set -l dir (mktemp -d) +mkdir -m 0755 $dir/old +set -gx XDG_CONFIG_HOME $dir/old/new + +# Launch fish so it will create all missing directories. +$fish -c '' + +# Check that existing directories kept their permissions, and new directories +# have the right permissions according to the XDG Base Directory Specification. +ls -ld $dir/old $dir/old/new $dir/old/new/fish | awk '{print $1}' +# CHECK: drwxr-xr-x +# CHECK: drwx------ +# CHECK: drwx------