author | Thiago Macieira <thiago.macieira@intel.com> | 2023-09-20 17:42:38 -0700 |
---|---|---|
committer | Thiago Macieira <thiago.macieira@intel.com> | 2023-09-23 08:18:22 -0700 |
commit | a71f5568304fa2c9d596d52374c7e69ac98f8ad7 (patch) | |
tree | 96a9570b0e5d7ea1685d66f2cb686d6358a482d3 /src/corelib/io/qfilesystemengine_unix.cpp | |
parent | 772ad60425866d895cbd76cfb478893ec8496505 (diff) |
moveToTrash/Unix: avoid mkdir/chmod race condition for the trash dir
QDir::mkdir() followed by QFile::setPermissions() is a race condition
because an attacker could enter the directory before we set the
permissions. QDir::mkdir() got an overload with the permissions in 6.3,
but I decided to go a level lower and use QFileSystemEngine directly
here.
Pick-to: 6.5 6.6
Change-Id: I9d43e5b91eb142d6945cfffd1786c338e21c129e
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
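The race described in the commit message, shown at the POSIX level as an added example (it is not part of this commit or of Qt's code). All function names are hypothetical, and the owner/mode check on an already-existing directory is an assumption that goes beyond what the patch itself does.

```cpp
// Added example: POSIX-level sketch of the mkdir/chmod race and its fix.
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <cerrno>
#include <string>

// Racy pattern: between mkdir() and chmod() the directory exists with
// umask-derived permissions, so another local user may enter it.
bool makePrivateDirRacy(const std::string &path)
{
    if (::mkdir(path.c_str(), 0777) != 0)
        return false;
    return ::chmod(path.c_str(), S_IRWXU) == 0;  // window closes only here
}

// Race-free: the kernel applies the mode at creation time. The umask can
// only clear bits, so group/other access is never granted to a 0700 request.
bool makePrivateDir(const std::string &path)
{
    return ::mkdir(path.c_str(), S_IRWXU) == 0;
}

// Hypothetical check for a directory that already existed: it must be a
// real directory (not a symlink), owned by us, with no group/other bits.
bool isPrivateDirOwnedByUs(const std::string &path)
{
    struct stat st;
    if (::lstat(path.c_str(), &st) != 0)  // lstat() does not follow symlinks
        return false;
    return S_ISDIR(st.st_mode)
        && st.st_uid == ::geteuid()
        && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

// Create the directory atomically, or reuse an existing one only if it
// passes the ownership and mode check. Returns an empty string on failure.
std::string privateDirOrEmpty(const std::string &path)
{
    if (makePrivateDir(path))
        return path;
    if (errno == EEXIST && isPrivateDirOwnedByUs(path))
        return path;
    return std::string();
}
```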
Diffstat (limited to 'src/corelib/io/qfilesystemengine_unix.cpp')
-rw-r--r-- | src/corelib/io/qfilesystemengine_unix.cpp | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/corelib/io/qfilesystemengine_unix.cpp b/src/corelib/io/qfilesystemengine_unix.cpp index a3d71aeeab..cf33dde975 100644 --- a/src/corelib/io/qfilesystemengine_unix.cpp +++ b/src/corelib/io/qfilesystemengine_unix.cpp @@ -1193,8 +1193,10 @@ static QString freeDesktopTrashLocation(const QString &sourcePath) | QFileDevice::ExeOwner; QString targetDir = topDir.filePath(trashDir); // deliberately not using mkpath, since we want to fail if topDir doesn't exist - if (topDir.mkdir(trashDir)) - QFile::setPermissions(targetDir, ownerPerms); + bool created = QFileSystemEngine::createDirectory(QFileSystemEntry(targetDir), false, ownerPerms); + if (created) + return targetDir; + // maybe it already exists and is a directory if (QFileInfo(targetDir).isDir()) return targetDir; return QString(); |
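Review bot: The fallback after `created` is false still returns `targetDir` on nothing more than `QFileInfo(targetDir).isDir()`, which is also true for a symlink to a directory, and nothing in the lines shown checks that a pre-existing directory belongs to the current user or has permissions matching `ownerPerms`. Passing the permissions to `createDirectory` closes the window for a directory this code creates, but a directory that someone else created first is accepted as before. Consider verifying owner and mode on that path, or, if a later step already does, saying so in the "maybe it already exists" comment. Minor style point: the bare `false` argument would be easier to read with a short comment naming the parameter, since the existing "deliberately not using mkpath" comment is what explains it.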