From ce072237a4917f45de3c1a8dd2420e7a3ab18b16 Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 15 Dec 2024 01:57:00 +0530 Subject: [PATCH] FIX(client): Permission for settings.json and backup was too open Changes permission for settings.json and corresponding backup file to 600. Fixes #6652 --- src/mumble/Settings.cpp | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/mumble/Settings.cpp b/src/mumble/Settings.cpp index 4a02bc0908..422f300b2b 100644 --- a/src/mumble/Settings.cpp +++ b/src/mumble/Settings.cpp @@ -24,6 +24,7 @@ #include #include +#include #include #include #include @@ -139,7 +140,6 @@ bool operator!=(const OverlaySettings &lhs, const OverlaySettings &rhs) { return !(lhs == rhs); } - void Settings::save(const QString &path) const { // Our saving procedure is a 4-step process: // 1. Write the settings that are to be saved to a temporary file @@ -183,6 +183,11 @@ void Settings::save(const QString &path) const { qUtf8Printable(targetFile.errorString())); } + // Set permissions to 600 for the backup file + if (!backupFile.setPermissions(QFileDevice::ReadOwner | QFileDevice::WriteOwner)) { + qWarning("Failed to set permissions for backup file: %s", qUtf8Printable(backupFile.errorString())); + } + createdSettingsBackup = true; } else { // The current instance of Mumble has already created a settings backup while it was running. Thus @@ -206,8 +211,14 @@ void Settings::save(const QString &path) const { qWarning("Failed at moving settings from %s to %s - reason: %s", qUtf8Printable(tmpFile.fileName()), qUtf8Printable(path), qUtf8Printable(tmpFile.errorString())); } + + // Set permissions to 600 for the main file + if (!targetFile.setPermissions(QFileDevice::ReadOwner | QFileDevice::WriteOwner)) { + qWarning("Failed to set permissions for main settings file: %s", qUtf8Printable(targetFile.errorString())); + } } + void Settings::save() const { if (settingsLocation.isEmpty()) { save(findSettingsLocation());