diff options
| author | Ondrej Holy <oholy@redhat.com> | 2019-05-23 10:41:53 +0200 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2020-10-14 09:23:46 -0400 |
| commit | 7a0be345be080e1f00a4a0366a4ceee904ebe1ee (patch) | |
| tree | 98b653af921d71e794414fd9bd06ac0e58d84a71 | |
| parent | 3c8c42d4fbfd498e0c1737f6d3f02f6dbe564d15 (diff) | |
| download | glib-7a0be345be080e1f00a4a0366a4ceee904ebe1ee.tar.gz | |
gfile: Limit access to files when copying
file_copy_fallback creates new files with default permissions and
set the correct permissions after the operation is finished. This
might cause that the files can be accessible by more users during
the operation than expected. Use G_FILE_CREATE_PRIVATE for the new
files to limit access to those files.
| -rw-r--r-- | gio/gfile.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/gio/gfile.c b/gio/gfile.c index 334ad8ec3..ab4ef4a1b 100644 --- a/gio/gfile.c +++ b/gio/gfile.c @@ -3271,12 +3271,12 @@ file_copy_fallback (GFile *source, out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), FALSE, NULL, flags & G_FILE_COPY_BACKUP, - G_FILE_CREATE_REPLACE_DESTINATION, - info, + G_FILE_CREATE_REPLACE_DESTINATION | + G_FILE_CREATE_PRIVATE, info, cancellable, error); else out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), - FALSE, 0, info, + FALSE, G_FILE_CREATE_PRIVATE, info, cancellable, error); } else if (flags & G_FILE_COPY_OVERWRITE) @@ -3284,12 +3284,13 @@ file_copy_fallback (GFile *source, out = (GOutputStream *)g_file_replace (destination, NULL, flags & G_FILE_COPY_BACKUP, - G_FILE_CREATE_REPLACE_DESTINATION, + G_FILE_CREATE_REPLACE_DESTINATION | + G_FILE_CREATE_PRIVATE, cancellable, error); } else { - out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); + out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); } if (!out) |