From 1359e1e546de15f3df0b033f58f212414862b0a9 Mon Sep 17 00:00:00 2001 From: Chenthill Palanisamy Date: Sat, 30 Jan 2010 01:10:36 +0530 Subject: Bug 581604 - Permissions on mail/local folders are too open --- mail/e-mail-migrate.c | 20 ++++++++++---------- mail/mail-tools.c | 2 +- shell/e-shell-backend.c | 2 +- shell/e-shell-migrate.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 57 insertions(+), 12 deletions(-) diff --git a/mail/e-mail-migrate.c b/mail/e-mail-migrate.c index 16cdead783..939df9bbe0 100644 --- a/mail/e-mail-migrate.c +++ b/mail/e-mail-migrate.c @@ -1455,7 +1455,7 @@ cp_r (const gchar *src, const gchar *dest, const gchar *pattern, gint mode) struct stat st; DIR *dir; - if (g_mkdir_with_parents (dest, 0777) == -1) + if (g_mkdir_with_parents (dest, 0700) == -1) return FALSE; if (!(dir = opendir (src))) @@ -1579,7 +1579,7 @@ em_migrate_folder(EMMigrateSession *session, const gchar *dirname, const gchar * slen = src->len; dlen = dest->len; - if (g_mkdir_with_parents (dest->str, 0777) == -1 && errno != EEXIST) { + if (g_mkdir_with_parents (dest->str, 0700) == -1 && errno != EEXIST) { g_set_error ( error, E_SHELL_MIGRATE_ERROR, E_SHELL_MIGRATE_ERROR_FAILED, @@ -2028,7 +2028,7 @@ em_migrate_pop_uid_caches_1_4 (const gchar *data_dir, GError **error) g_free (cache_dir); cache_dir = g_build_filename (data_dir, "pop", NULL); - if (g_mkdir_with_parents (cache_dir, 0777) == -1) { + if (g_mkdir_with_parents (cache_dir, 0700) == -1) { g_set_error ( error, E_SHELL_MIGRATE_ERROR, E_SHELL_MIGRATE_ERROR_FAILED, @@ -2059,7 +2059,7 @@ em_migrate_pop_uid_caches_1_4 (const gchar *data_dir, GError **error) /* strip the trailing '_' */ g_string_truncate (newpath, newpath->len - 1); - if (g_mkdir_with_parents (newpath->str, 0777) == -1 + if (g_mkdir_with_parents (newpath->str, 0700) == -1 || !cp(oldpath->str, (g_string_append(newpath, "/uid-cache"))->str, FALSE, CP_UNIQUE)) { g_set_error ( error, E_SHELL_MIGRATE_ERROR, @@ -2122,7 +2122,7 @@ em_migrate_folder_expand_state_1_4 (const gchar *data_dir, GError **error) destpath = g_string_new (data_dir); g_string_append (destpath, "/config"); - if (g_mkdir_with_parents (destpath->str, 0777) == -1 || !(dir = opendir (srcpath->str))) { + if (g_mkdir_with_parents (destpath->str, 0700) == -1 || !(dir = opendir (srcpath->str))) { g_string_free (destpath, TRUE); g_string_free (srcpath, TRUE); return TRUE; @@ -2220,7 +2220,7 @@ em_migrate_folder_view_settings_1_4 (const gchar *data_dir, GError **error) destpath = g_string_new (data_dir); g_string_append (destpath, "/views"); - if (g_mkdir_with_parents (destpath->str, 0777) == -1 || !(dir = opendir (srcpath->str))) { + if (g_mkdir_with_parents (destpath->str, 0700) == -1 || !(dir = opendir (srcpath->str))) { g_string_free (destpath, TRUE); g_string_free (srcpath, TRUE); return TRUE; @@ -2436,7 +2436,7 @@ em_migrate_imap_cmeta_1_4(const gchar *data_dir, GError **error) url->host?url->host:""); dir = e_path_to_physical(base, path); - if (g_mkdir_with_parents(dir, 0777) == 0) { + if (g_mkdir_with_parents(dir, 0700) == 0) { gchar *cmeta; FILE *fp; @@ -2531,7 +2531,7 @@ em_migrate_1_4 (const gchar *data_dir, xmlDocPtr filters, xmlDocPtr vfolders, GE path = g_strdup_printf ("mbox:%s/.evolution/mail/local", g_get_home_dir ()); if (stat (path + 5, &st) == -1) { - if (errno != ENOENT || g_mkdir_with_parents (path + 5, 0777) == -1) { + if (errno != ENOENT || g_mkdir_with_parents (path + 5, 0700) == -1) { g_set_error ( error, E_SHELL_MIGRATE_ERROR, E_SHELL_MIGRATE_ERROR_FAILED, @@ -2647,7 +2647,7 @@ emm_setup_initial(const gchar *data_dir) d(printf("Setting up initial mail tree\n")); base = g_build_filename(data_dir, "local", NULL); - if (g_mkdir_with_parents(base, 0777) == -1 && errno != EEXIST) { + if (g_mkdir_with_parents(base, 0700) == -1 && errno != EEXIST) { g_free(base); return FALSE; } @@ -3001,7 +3001,7 @@ e_mail_migrate (EShellBackend *shell_backend, /* make sure ~/.evolution/mail exists */ data_dir = e_shell_backend_get_data_dir (shell_backend); if (g_stat (data_dir, &st) == -1) { - if (errno != ENOENT || g_mkdir_with_parents (data_dir, 0777) == -1) { + if (errno != ENOENT || g_mkdir_with_parents (data_dir, 0700) == -1) { g_set_error ( error, E_SHELL_MIGRATE_ERROR, E_SHELL_MIGRATE_ERROR_FAILED, diff --git a/mail/mail-tools.c b/mail/mail-tools.c index 8259abd6c9..9e268d85cf 100644 --- a/mail/mail-tools.c +++ b/mail/mail-tools.c @@ -119,7 +119,7 @@ mail_tool_get_local_movemail_path (const guchar *uri, CamelException *ex) data_dir = mail_session_get_data_dir (); path = g_build_filename (data_dir, "spool", NULL); - if (g_stat(path, &st) == -1 && g_mkdir_with_parents(path, 0777) == -1) { + if (g_stat(path, &st) == -1 && g_mkdir_with_parents(path, 0700) == -1) { camel_exception_setv(ex, CAMEL_EXCEPTION_SYSTEM, _("Could not create spool directory `%s': %s"), path, g_strerror(errno)); g_free(path); diff --git a/shell/e-shell-backend.c b/shell/e-shell-backend.c index 79acf60fa9..18ebe0f8d8 100644 --- a/shell/e-shell-backend.c +++ b/shell/e-shell-backend.c @@ -162,7 +162,7 @@ shell_backend_get_config_dir (EShellBackend *shell_backend) /* Create the user configuration directory for this backend, * which should also create the user data directory. */ - if (g_mkdir_with_parents (config_dir, 0777) != 0) + if (g_mkdir_with_parents (config_dir, 0700) != 0) g_critical ( "Cannot create directory %s: %s", config_dir, g_strerror (errno)); diff --git a/shell/e-shell-migrate.c b/shell/e-shell-migrate.c index 1186b7934f..6ed7bccc08 100644 --- a/shell/e-shell-migrate.c +++ b/shell/e-shell-migrate.c @@ -194,6 +194,47 @@ fail: return result; } +static void +change_dir_modes (const gchar *path) +{ + GDir *dir; + GError *err = NULL; + const char *file = NULL; + + dir = g_dir_open (path, 0, &err); + if (err) { + g_warning ("Error opening directory %s: %s \n", path, err->message); + g_clear_error (&err); + return; + } + + while ((file = g_dir_read_name (dir))) { + gchar *full_path = g_build_filename (path, file, NULL); + + if (g_file_test (full_path, G_FILE_TEST_IS_DIR)) + change_dir_modes (full_path); + + g_free (full_path); + } + + g_chmod (path, 0700); + g_dir_close (dir); +} + +static void +fix_folder_permissions (const char *data_dir) +{ + struct stat sb; + + if (g_stat (data_dir, &sb) == -1) { + g_warning ("error stat: %s \n", data_dir); + return; + } + + if (((guint32) sb.st_mode & 0777) != 0700) + change_dir_modes (data_dir); +} + gboolean e_shell_migrate_attempt (EShell *shell) { @@ -221,6 +262,10 @@ e_shell_migrate_attempt (EShell *shell) shell_migrate_get_version (shell, &major, &minor, µ); + /* This sets the folder permissions to S_IRWXU if needed */ + if (curr_major <= 2 && curr_minor <= 30) + fix_folder_permissions (e_get_user_data_dir ()); + if (!(curr_major > major || (curr_major == major && curr_minor > minor) || (curr_major == major && curr_minor == minor && curr_micro > micro))) -- cgit v1.2.3