From b7da5ae9b94fe47870bd7881cdd3df8844aadb5d Mon Sep 17 00:00:00 2001 From: Guenter Obiltschnig Date: Sat, 27 Feb 2016 21:17:39 +0100 Subject: [PATCH] fixed GH #1114: World-write permissions on files created by daemon. Default umask is now 027; other mask can be set with --umask command-line parameter Conflicts: Util/src/ServerApplication.cpp --- Util/include/Poco/Util/ServerApplication.h | 1 + Util/src/ServerApplication.cpp | 35 ++++++++++++++++++---- 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/Util/include/Poco/Util/ServerApplication.h b/Util/include/Poco/Util/ServerApplication.h index d02c3e5cb..c4ddc118b 100644 --- a/Util/include/Poco/Util/ServerApplication.h +++ b/Util/include/Poco/Util/ServerApplication.h @@ -183,6 +183,7 @@ private: static Poco::Event _terminate; #elif defined(POCO_OS_FAMILY_UNIX) void handleDaemon(const std::string& name, const std::string& value); + void handleUMask(const std::string& name, const std::string& value); void handlePidFile(const std::string& name, const std::string& value); bool isDaemon(int argc, char** argv); void beDaemon(); diff --git a/Util/src/ServerApplication.cpp b/Util/src/ServerApplication.cpp index 3a40cf490..ac5564a2a 100644 --- a/Util/src/ServerApplication.cpp +++ b/Util/src/ServerApplication.cpp @@ -18,6 +18,7 @@ #include "Poco/Util/Option.h" #include "Poco/Util/OptionSet.h" #include "Poco/Util/OptionException.h" +#include "Poco/FileStream.h" #include "Poco/Exception.h" #if !defined(POCO_VXWORKS) #include "Poco/Process.h" @@ -690,7 +691,7 @@ void ServerApplication::beDaemon() exit(0); setsid(); - umask(0); + umask(027); // attach stdin, stdout, stderr to /dev/null // instead of just closing them. This avoids @@ -718,6 +719,13 @@ void ServerApplication::defineOptions(OptionSet& rOptions) .repeatable(false) .callback(OptionCallback(this, &ServerApplication::handleDaemon))); + rOptions.addOption( + Option("umask", "", "Set the daemon's umask (octal, e.g. 027).") + .required(false) + .repeatable(false) + .argument("mask") + .callback(OptionCallback(this, &ServerApplication::handleUMask))); + rOptions.addOption( Option("pidfile", "", "Write the process ID of the application to given file.") .required(false) @@ -727,20 +735,35 @@ void ServerApplication::defineOptions(OptionSet& rOptions) } -void ServerApplication::handleDaemon(const std::string& rName, const std::string& Value) +void ServerApplication::handleDaemon(const std::string& rName, const std::string&) { config().setBool("application.runAsDaemon", true); } -void ServerApplication::handlePidFile(const std::string& rName, const std::string& value) +void ServerApplication::handleUMask(const std::string& rName, const std::string& rValue) { - std::ofstream ostr(value.c_str()); + int mask = 0; + for (std::string::const_iterator it = rValue.begin(); it != rValue.end(); ++it) + { + mask *= 8; + if (*it >= '0' && *it <= '7') + mask += *it - '0'; + else + throw Poco::InvalidArgumentException("umask contains non-octal characters", rValue); + } + umask(mask); +} + + +void ServerApplication::handlePidFile(const std::string& rName, const std::string& rValue) +{ + Poco::FileOutputStream ostr(rValue); if (ostr.good()) ostr << Poco::Process::id() << std::endl; else - throw Poco::CreateFileException("Cannot write PID to file", value); - Poco::TemporaryFile::registerForDeletion(value); + throw Poco::CreateFileException("Cannot write PID to file", rValue); + Poco::TemporaryFile::registerForDeletion(rValue); }