+19
-7
lines changedFilter options
+19
-7
lines changed Original file line number Diff line number Diff line change
@@ -28,7 +28,6 @@ package main
28 28
import (
29 29
"errors"
30 30
"fmt"
31 -
"io/ioutil"
32 31
"os"
33 32
"os/exec"
34 33
"path/filepath"
@@ -405,7 +404,7 @@ func run() (retVal error) {
405 404
if len(b) > 0 || len(c) > 0 {
406 405 407 406
aclpath := formatDumpPath(d.Directory, d.TimeFormat, "createdb.sql", dbname, d.When, 0)
408 -
if err := os.MkdirAll(filepath.Dir(aclpath), 0755); err != nil {
407 +
if err := os.MkdirAll(filepath.Dir(aclpath), 0700); err != nil {
409 408
l.Errorln(err)
410 409
exitCode = 1
411 410
continue
@@ -423,6 +422,10 @@ func run() (retVal error) {
423 422 424 423
f.Close()
425 424 425 +
if err := os.Chmod(aclpath, 0600); err != nil {
426 +
return fmt.Errorf("could not chmod to more secure permission for ACL %s: %s", dbname, err)
427 +
}
428 + 426 429
// Have its checksum computed
427 430
producedFiles <- sumFileJob{
428 431
Path: aclpath,
@@ -671,6 +674,11 @@ func (d *dump) dump(fc chan<- sumFileJob) error {
671 674 672 675
d.Path = file
673 676
d.ExitCode = 0
677 + 678 +
if err := os.Chmod(file, 0600); err != nil {
679 +
return fmt.Errorf("could not chmod to more secure permission for %s: %s", dbname, err)
680 +
}
681 + 674 682
return nil
675 683
}
676 684
@@ -822,7 +830,7 @@ func dumpGlobals(dir string, timeFormat string, conninfo *ConnInfo, fc chan<- su
822 830
file := formatDumpPath(dir, timeFormat, "sql", "pg_globals", time.Now(), 0)
823 831
args = append(args, "-f", file)
824 832 825 -
if err := os.MkdirAll(filepath.Dir(file), 0755); err != nil {
833 +
if err := os.MkdirAll(filepath.Dir(file), 0700); err != nil {
826 834
return err
827 835
}
828 836
@@ -846,6 +854,10 @@ func dumpGlobals(dir string, timeFormat string, conninfo *ConnInfo, fc chan<- su
846 854
}
847 855
}
848 856 857 +
if err := os.Chmod(file, 0600); err != nil {
858 +
return fmt.Errorf("could not chmod to more secure permission for pg_globals: %s", err)
859 +
}
860 + 849 861
if fc != nil {
850 862
fc <- sumFileJob{
851 863
Path: file,
@@ -859,7 +871,7 @@ func dumpSettings(dir string, timeFormat string, db *pg, fc chan<- sumFileJob) e
859 871 860 872
file := formatDumpPath(dir, timeFormat, "out", "pg_settings", time.Now(), 0)
861 873 862 -
if err := os.MkdirAll(filepath.Dir(file), 0755); err != nil {
874 +
if err := os.MkdirAll(filepath.Dir(file), 0700); err != nil {
863 875
return err
864 876
}
865 877
@@ -871,7 +883,7 @@ func dumpSettings(dir string, timeFormat string, db *pg, fc chan<- sumFileJob) e
871 883
// Use a Buffer to avoid creating an empty file
872 884
if len(s) > 0 {
873 885
l.Verboseln("writing settings to:", file)
874 -
if err := ioutil.WriteFile(file, []byte(s), 0644); err != nil {
886 +
if err := os.WriteFile(file, []byte(s), 0600); err != nil {
875 887
return err
876 888
}
877 889
@@ -889,7 +901,7 @@ func dumpConfigFiles(dir string, timeFormat string, db *pg, fc chan<- sumFileJob
889 901
for _, param := range []string{"hba_file", "ident_file"} {
890 902
file := formatDumpPath(dir, timeFormat, "out", param, time.Now(), 0)
891 903 892 -
if err := os.MkdirAll(filepath.Dir(file), 0755); err != nil {
904 +
if err := os.MkdirAll(filepath.Dir(file), 0700); err != nil {
893 905
return err
894 906
}
895 907
@@ -901,7 +913,7 @@ func dumpConfigFiles(dir string, timeFormat string, db *pg, fc chan<- sumFileJob
901 913
// Use a Buffer to avoid creating an empty file
902 914
if len(s) > 0 {
903 915
l.Verbosef("writing contents of '%s' to: %s", param, file)
904 -
if err := ioutil.WriteFile(file, []byte(s), 0644); err != nil {
916 +
if err := os.WriteFile(file, []byte(s), 0600); err != nil {
905 917
return err
906 918
}
907 919 You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4