diff options
author | Alexander Volkov <avolkov@astralinux.ru> | 2020-11-18 15:05:20 +0300 |
---|---|---|
committer | Alexander Volkov <a.volkov@rusbitech.ru> | 2020-12-31 18:12:56 +0300 |
commit | a4a8ab2c38563bc8ed9fbb651305df94787e645e (patch) | |
tree | 5585c4591a3d78744d61aee9206780f1a7bd60a8 | |
parent | f4caf0d0e5c4932055d0475559a52c85b66635b5 (diff) |
QStandardPaths: Don't change permissions of XDG_RUNTIME_DIR
Conform to the XDG Base Directory Specification:
"If, when attempting to write a file, the destination directory
is non-existent an attempt should be made to create it with
permission 0700. If the destination directory exists already
the permissions should not be changed."
At the same time the spec states about XDG_RUNTIME_DIR that
"its Unix access mode MUST be 0700", so don't consider the
directory with wrong permissions correct and use a fallback.
Task-number: QTBUG-68338
Change-Id: I03c6b35b3f7d5ceb8e6326695bfc8207da92ea67
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: David Faure <david.faure@kdab.com>
(cherry picked from commit 68de00e0d4f2c574162a6e033d41786e3757d25d)
-rw-r--r-- | src/corelib/io/qstandardpaths_unix.cpp | 59 | ||||
-rw-r--r-- | tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp | 18 |
2 files changed, 37 insertions, 40 deletions
diff --git a/src/corelib/io/qstandardpaths_unix.cpp b/src/corelib/io/qstandardpaths_unix.cpp index d71a28432d..82feed47f3 100644 --- a/src/corelib/io/qstandardpaths_unix.cpp +++ b/src/corelib/io/qstandardpaths_unix.cpp @@ -72,6 +72,30 @@ static void appendOrganizationAndApp(QString &path) #endif } +static QByteArray unixPermissionsText(QFile::Permissions permissions) +{ + mode_t perms = 0; + if (permissions & QFile::ReadOwner) + perms |= S_IRUSR; + if (permissions & QFile::WriteOwner) + perms |= S_IWUSR; + if (permissions & QFile::ExeOwner) + perms |= S_IXUSR; + if (permissions & QFile::ReadGroup) + perms |= S_IRGRP; + if (permissions & QFile::WriteGroup) + perms |= S_IWGRP; + if (permissions & QFile::ExeGroup) + perms |= S_IXGRP; + if (permissions & QFile::ReadOther) + perms |= S_IROTH; + if (permissions & QFile::WriteOther) + perms |= S_IWOTH; + if (permissions & QFile::ExeOther) + perms |= S_IXOTH; + return '0' + QByteArray::number(perms, 8); +} + static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) { auto describeMetaData = [](const QFileSystemMetaData &metaData) -> QByteArray { @@ -91,27 +115,7 @@ static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) else description += "a block device"; - // convert QFileSystemMetaData permissions back to Unix - mode_t perms = 0; - if (metaData.permissions() & QFile::ReadOwner) - perms |= S_IRUSR; - if (metaData.permissions() & QFile::WriteOwner) - perms |= S_IWUSR; - if (metaData.permissions() & QFile::ExeOwner) - perms |= S_IXUSR; - if (metaData.permissions() & QFile::ReadGroup) - perms |= S_IRGRP; - if (metaData.permissions() & QFile::WriteGroup) - perms |= S_IWGRP; - if (metaData.permissions() & QFile::ExeGroup) - perms |= S_IXGRP; - if (metaData.permissions() & QFile::ReadOther) - perms |= S_IROTH; - if (metaData.permissions() & QFile::WriteOther) - perms |= S_IWOTH; - if (metaData.permissions() & QFile::ExeOther) - perms |= S_IXOTH; - description += " permissions 0" + QByteArray::number(perms, 8); + description += " permissions " + unixPermissionsText(metaData.permissions()); return description + " owned by UID " + QByteArray::number(metaData.userId()) @@ -164,14 +168,11 @@ static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) // "and he MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700." if (metaData.permissions() != wantedPerms) { - // attempt to correct: - QSystemError error; - if (!QFileSystemEngine::setPermissions(entry, wantedPerms, error)) { - qErrnoWarning("QStandardPaths: could not set correct permissions on runtime directory " - "'%ls', which is %s", qUtf16Printable(xdgRuntimeDir), - describeMetaData(metaData).constData()); - return false; - } + qWarning("QStandardPaths: wrong permissions on runtime directory %ls, %s instead of %s", + qUtf16Printable(xdgRuntimeDir), + unixPermissionsText(metaData.permissions()).constData(), + unixPermissionsText(wantedPerms).constData()); + return false; } return true; diff --git a/tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp b/tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp index 03eb3ae586..0680b9918d 100644 --- a/tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp +++ b/tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp @@ -468,16 +468,6 @@ void tst_qstandardpaths::testRuntimeDirectory() #ifdef Q_XDG_PLATFORM const QString runtimeDir = QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation); QVERIFY(!runtimeDir.isEmpty()); - - // Check that it can automatically fix permissions - QFile file(runtimeDir); - const QFile::Permissions wantedPerms = QFile::ReadUser | QFile::WriteUser | QFile::ExeUser; - const QFile::Permissions additionalPerms = QFile::ReadOwner | QFile::WriteOwner | QFile::ExeOwner; - QCOMPARE(file.permissions(), wantedPerms | additionalPerms); - QVERIFY(file.setPermissions(wantedPerms | QFile::ExeGroup)); - const QString runtimeDirAgain = QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation); - QCOMPARE(runtimeDirAgain, runtimeDir); - QCOMPARE(QFile(runtimeDirAgain).permissions(), wantedPerms | additionalPerms); #endif } @@ -542,7 +532,12 @@ void tst_qstandardpaths::testCustomRuntimeDirectory_data() d.mkdir("runtime"); QFile::setPermissions(p, QFile::ReadOwner | QFile::WriteOwner | QFile::ExeOwner | QFile::ExeGroup | QFile::ExeOther); - return updateRuntimeDir(p); + updateRuntimeDir(p); + QTest::ignoreMessage(QtWarningMsg, + QString("QStandardPaths: wrong permissions on runtime directory %1, " + "0711 instead of 0700") + .arg(p).toLatin1()); + return fallbackXdgRuntimeDir(); }); addRow("environment:wrong-owner", [](QDir &) { @@ -607,6 +602,7 @@ void tst_qstandardpaths::testCustomRuntimeDirectory_data() clearRuntimeDir(); QString p = fallbackXdgRuntimeDir(); d.mkdir(p); // probably has wrong permissions + QFile::setPermissions(p, QFile::ReadOwner | QFile::WriteOwner | QFile::ExeOwner); return p; }); |