diff options
author | Alexander Volkov <avolkov@astralinux.ru> | 2020-11-18 15:05:20 +0300 |
---|---|---|
committer | Alexander Volkov <avolkov@astralinux.ru> | 2020-11-30 19:16:21 +0300 |
commit | 68de00e0d4f2c574162a6e033d41786e3757d25d (patch) | |
tree | 5ceb709aa4da385a92ba61ab56e39d8df40c5a54 /src/corelib/io | |
parent | d27d2b5d72acb2a3be55d0af9ded4cd126a5f031 (diff) |
QStandardPaths: Don't change permissions of XDG_RUNTIME_DIR
Conform to the XDG Base Directory Specification:
"If, when attempting to write a file, the destination directory
is non-existent an attempt should be made to create it with
permission 0700. If the destination directory exists already
the permissions should not be changed."
At the same time the spec states about XDG_RUNTIME_DIR that
"its Unix access mode MUST be 0700", so don't consider the
directory with wrong permissions correct and use a fallback.
Task-number: QTBUG-68338
Pick-to: 5.15 5.12
Change-Id: I03c6b35b3f7d5ceb8e6326695bfc8207da92ea67
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: David Faure <david.faure@kdab.com>
Diffstat (limited to 'src/corelib/io')
-rw-r--r-- | src/corelib/io/qstandardpaths_unix.cpp | 59 |
1 files changed, 30 insertions, 29 deletions
diff --git a/src/corelib/io/qstandardpaths_unix.cpp b/src/corelib/io/qstandardpaths_unix.cpp index 2623de0fe0..09f6c9d639 100644 --- a/src/corelib/io/qstandardpaths_unix.cpp +++ b/src/corelib/io/qstandardpaths_unix.cpp @@ -94,6 +94,30 @@ static QLatin1String xdg_key_name(QStandardPaths::StandardLocation type) } #endif +static QByteArray unixPermissionsText(QFile::Permissions permissions) +{ + mode_t perms = 0; + if (permissions & QFile::ReadOwner) + perms |= S_IRUSR; + if (permissions & QFile::WriteOwner) + perms |= S_IWUSR; + if (permissions & QFile::ExeOwner) + perms |= S_IXUSR; + if (permissions & QFile::ReadGroup) + perms |= S_IRGRP; + if (permissions & QFile::WriteGroup) + perms |= S_IWGRP; + if (permissions & QFile::ExeGroup) + perms |= S_IXGRP; + if (permissions & QFile::ReadOther) + perms |= S_IROTH; + if (permissions & QFile::WriteOther) + perms |= S_IWOTH; + if (permissions & QFile::ExeOther) + perms |= S_IXOTH; + return '0' + QByteArray::number(perms, 8); +} + static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) { auto describeMetaData = [](const QFileSystemMetaData &metaData) -> QByteArray { @@ -113,27 +137,7 @@ static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) else description += "a block device"; - // convert QFileSystemMetaData permissions back to Unix - mode_t perms = 0; - if (metaData.permissions() & QFile::ReadOwner) - perms |= S_IRUSR; - if (metaData.permissions() & QFile::WriteOwner) - perms |= S_IWUSR; - if (metaData.permissions() & QFile::ExeOwner) - perms |= S_IXUSR; - if (metaData.permissions() & QFile::ReadGroup) - perms |= S_IRGRP; - if (metaData.permissions() & QFile::WriteGroup) - perms |= S_IWGRP; - if (metaData.permissions() & QFile::ExeGroup) - perms |= S_IXGRP; - if (metaData.permissions() & QFile::ReadOther) - perms |= S_IROTH; - if (metaData.permissions() & QFile::WriteOther) - perms |= S_IWOTH; - if (metaData.permissions() & QFile::ExeOther) - perms |= S_IXOTH; - description += " permissions 0" + QByteArray::number(perms, 8); + description += " permissions " + unixPermissionsText(metaData.permissions()); return description + " owned by UID " + QByteArray::number(metaData.userId()) @@ -186,14 +190,11 @@ static bool checkXdgRuntimeDir(const QString &xdgRuntimeDir) // "and he MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700." if (metaData.permissions() != wantedPerms) { - // attempt to correct: - QSystemError error; - if (!QFileSystemEngine::setPermissions(entry, wantedPerms, error)) { - qErrnoWarning("QStandardPaths: could not set correct permissions on runtime directory " - "'%ls', which is %s", qUtf16Printable(xdgRuntimeDir), - describeMetaData(metaData).constData()); - return false; - } + qWarning("QStandardPaths: wrong permissions on runtime directory %ls, %s instead of %s", + qUtf16Printable(xdgRuntimeDir), + unixPermissionsText(metaData.permissions()).constData(), + unixPermissionsText(wantedPerms).constData()); + return false; } return true; |