authorshess@chromium.org <shess@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-07-17 19:10:36 +0000
committershess@chromium.org <shess@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-07-17 19:10:36 +0000
commit81a2a6094b498e6da0218892c8ccd776b660b829 (patch)
treeb45be736b9c8489709461f2d9138c727cfc96441 /sql/connection.cc
parent950a755c3f400916dee882e81051b64333dd1299 (diff)
[sql] Allow restricting database to user read access.
By default POSIX umask is generally 0644. For some databases, it makes sense to restrict access to 0600. Use new setting for password database. BUG=258771 R=gbillock@chromium.org, isherman@chromium.org, jorgelo@chromium.org Review URL: https://codereview.chromium.org/5125579611308032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@212106 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sql/connection.cc')
-rw-r--r--sql/connection.cc25
1 files changed, 25 insertions, 0 deletions
diff --git a/sql/connection.cc b/sql/connection.cc
index 95d09c2..d11b40c 100644
--- a/sql/connection.cc
+++ b/sql/connection.cc
@@ -168,6 +168,7 @@ Connection::Connection()
page_size_(0),
cache_size_(0),
exclusive_locking_(false),
+ restrict_to_user_(false),
transaction_nesting_(0),
needs_rollback_(false),
in_memory_(false),
@@ -732,6 +733,30 @@ bool Connection::OpenInternal(const std::string& file_name,
return false;
}
+ // TODO(shess): OS_WIN support?
+#if defined(OS_POSIX)
+ if (restrict_to_user_) {
+ DCHECK_NE(file_name, std::string(":memory"));
+ base::FilePath file_path(file_name);
+ int mode = 0;
+ // TODO(shess): Arguably, failure to retrieve and change
+ // permissions should be fatal if the file exists.
+ if (file_util::GetPosixFilePermissions(file_path, &mode)) {
+ mode &= file_util::FILE_PERMISSION_USER_MASK;
+ file_util::SetPosixFilePermissions(file_path, mode);
+
+ // SQLite sets the permissions on these files from the main
+ // database on create. Set them here in case they already exist
+ // at this point. Failure to set these permissions should not
+ // be fatal unless the file doesn't exist.
+ base::FilePath journal_path(file_name + FILE_PATH_LITERAL("-journal"));
+ base::FilePath wal_path(file_name + FILE_PATH_LITERAL("-wal"));
+ file_util::SetPosixFilePermissions(journal_path, mode);
+ file_util::SetPosixFilePermissions(wal_path, mode);
+ }
+ }
+#endif // defined(OS_POSIX)
+
// SQLite uses a lookaside buffer to improve performance of small mallocs.
// Chromium already depends on small mallocs being efficient, so we disable
// this to avoid the extra memory overhead.
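Review bot: The `DCHECK_NE` at the top of the `restrict_to_user_` block compares against `":memory"`, but SQLite's in-memory database name is `":memory:"`, so the assertion can never catch the case it is meant to exclude; it should read `DCHECK_NE(file_name, std::string(":memory:"));`. Separately, a failed `GetPosixFilePermissions` and every `SetPosixFilePermissions` return value are silently dropped, so a database that stays group- or world-readable is opened with no signal. For the main file, at least log or `return false` when the permission change fails, as the TODO already suggests. This block also runs after the open earlier in `OpenInternal` (whose body starts and ends outside the hunk), so a newly created file presumably carries umask-default permissions until the chmod lands, which deserves a comment here.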