isc_throw(Unexpected, "Can't write configuration: conversion to JSON failed");
}
+ // Remove rights for other from the umask.
+ Umask mask(S_IRWXO);
+
std::ofstream out(config_file, std::ios::trunc);
if (!out.good()) {
isc_throw(Unexpected, "Unable to open file " + config_file + " for writing");
#include <string>
#include <fcntl.h>
-#include <sys/stat.h>
using namespace isc::util::str;
using namespace std;
return ((statbuf.st_mode & S_IFMT) == S_IFREG);
}
+Umask::Umask(mode_t mask) : orig_umask_(umask(S_IWGRP | S_IWOTH)) {
+ umask(orig_umask_ | mask);
+}
+
+Umask::~Umask() {
+ umask(orig_umask_);
+}
+
Path::Path(string const& full_name) {
if (!full_name.empty()) {
bool dir_present = false;
#ifndef KEA_UTIL_FILESYSTEM_H
#define KEA_UTIL_FILESYSTEM_H
+#include <sys/stat.h>
#include <string>
namespace isc {
bool
isFile(const std::string& path);
+/// \brief RAII device to limit access of created files.
+struct Umask {
+ /// \brief Constructor
+ ///
+ /// Set wanted bits in umask.
+ Umask(mode_t mask);
+
+ /// \brief Destructor.
+ ///
+ /// Restore umask.
+ ~Umask();
+
+private:
+ /// \brief Original umask.
+ mode_t orig_umask_;
+};
+
/// \brief Paths on a filesystem
struct Path {
/// \brief Constructor
EXPECT_FALSE(isFile(TEST_DATA_BUILDDIR));
}
+/// @brief Check Umask.
+TEST_F(FileUtilTest, umask) {
+ // Protect the test itself assuming that Umask does what we expect...
+ Umask m0(0);
+ mode_t orig = umask(0);
+ {
+ Umask m(S_IROTH);
+ EXPECT_EQ(S_IROTH, umask(S_IRWXO));
+ }
+ EXPECT_EQ(0, umask(orig));
+}
+
/// @brief Check that the components are split correctly.
TEST(PathTest, components) {
// Complete name
projects / thirdparty / kea.git / commitdiff
