mirrors/cdt
1
0
Fork 0
mirror of https://github.com/eclipse-cdt/cdt synced 2025-07-25 18:05:33 +02:00
Code Issues Wiki Activity

[432872] [dstore] enforce secure permission bits for .dstore* logs

Browse source
This commit is contained in:
Dave McKnight 2014-04-16 10:51:29 -04:00
parent dede0b3299
commit 2d1f02168f
1 changed files with 26 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
rse/plugins/org.eclipse.dstore.core/src/org/eclipse/dstore/core/model/DataStore.java
View file

@ -47,6 +47,7 @@
* David McKnight (IBM) - [390037] [dstore] Duplicated items in the System view * David McKnight (IBM) - [390037] [dstore] Duplicated items in the System view
* David McKnight (IBM) - [396440] [dstore] fix issues with the spiriting mechanism and other memory improvements (phase 1) * David McKnight (IBM) - [396440] [dstore] fix issues with the spiriting mechanism and other memory improvements (phase 1)
* David McKnight (IBM) - [432875] [dstore] do not use rmt_classloader_cache*.jar * David McKnight (IBM) - [432875] [dstore] do not use rmt_classloader_cache*.jar
* David McKnight (IBM) - [432872] [dstore] enforce secure permission bits for .dstore* logs
*******************************************************************************/ *******************************************************************************/
package org.eclipse.dstore.core.model; package org.eclipse.dstore.core.model;
@ -3720,7 +3721,7 @@ public final class DataStore
} catch (IOException e) { } catch (IOException e) {
} }
} }
if (_traceFileHandle.canWrite()){ if (_traceFileHandle.canWrite() && setLogPermissions(_traceFileHandle)){
try try
{ {
_traceFile = new RandomAccessFile(_traceFileHandle, "rw"); //$NON-NLS-1$ _traceFile = new RandomAccessFile(_traceFileHandle, "rw"); //$NON-NLS-1$
@ -3778,7 +3779,7 @@ public final class DataStore
} catch (IOException e) { } catch (IOException e) {
} }
} }
if (_memLoggingFileHandle.canWrite()){ if (_memLoggingFileHandle.canWrite() && setLogPermissions(_memLoggingFileHandle)){
try try
{ {
_memLogFile = new RandomAccessFile(_memLoggingFileHandle, "rw"); //$NON-NLS-1$ _memLogFile = new RandomAccessFile(_memLoggingFileHandle, "rw"); //$NON-NLS-1$
@ -4578,7 +4579,7 @@ public final class DataStore
{ {
if (_tracingOn) { if (_tracingOn) {
_traceFileHandle = new File(logDir, ".dstoreTrace"); //$NON-NLS-1$ _traceFileHandle = new File(logDir, ".dstoreTrace"); //$NON-NLS-1$
if (_traceFileHandle.canWrite()){ if (_traceFileHandle.canWrite() && setLogPermissions(_traceFileHandle)){
try try
{ {
_traceFile = new RandomAccessFile(_traceFileHandle, "rw"); //$NON-NLS-1$ _traceFile = new RandomAccessFile(_traceFileHandle, "rw"); //$NON-NLS-1$
@ -4610,5 +4611,27 @@ public final class DataStore
return _client; return _client;
} }
/**
* Sets the log file permissions for a file based on the "log.file.mode" system property. If no
* such property exists, this just returns true.
* @param file the file to change permissions on
* @return true if successful or log.file.mode is turned off
*/
private static boolean setLogPermissions(File file){
String fileMode = System.getProperty("log.file.mode"); //$NON-NLS-1$
if (fileMode != null && fileMode.length() > 0){
// just default to 600 for older levels of RSE
String mode = "600"; //$NON-NLS-1$
String chmodCmd = "chmod " + mode + ' ' + file.getAbsolutePath(); //$NON-NLS-1$
try {
Process p = Runtime.getRuntime().exec(chmodCmd);
return p.exitValue() == 0;
}
catch (Exception e){
return false;
}
}
return true;
}
} }