Pull request 2294: AGDNS-2455 Windows permissions

Closes #7314. Squashed commit of the following: commit f8b6ffe Author: Eugene Burkov <[email protected]> Date: Tue Oct 29 14:14:41 2024 +0300 all: fix chlog commit 9417b7d Author: Eugene Burkov <[email protected]> Date: Mon Oct 28 19:41:30 2024 +0300 aghos: imp doc commit b91f0e7 Author: Eugene Burkov <[email protected]> Date: Mon Oct 28 19:26:15 2024 +0300 all: rm bin commit 9008ee9 Author: Eugene Burkov <[email protected]> Date: Mon Oct 28 18:23:54 2024 +0300 all: revert permcheck commit bcc85d5 Author: Eugene Burkov <[email protected]> Date: Mon Oct 28 17:48:55 2024 +0300 all: use aghos more commit 993e351 Author: Eugene Burkov <[email protected]> Date: Mon Oct 28 16:24:56 2024 +0300 all: fix more bugs commit a22b0d2 Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 18:30:52 2024 +0300 all: fix bugs commit a2309f8 Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 17:05:08 2024 +0300 all: fix chlog, imp api commit 42c3f8e Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 16:04:47 2024 +0300 scripts: fix docs commit 9e781ff Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 16:03:19 2024 +0300 scripts: imp docs commit 1dbc784 Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 15:55:16 2024 +0300 all: use new functions, add tests commit dcbabaf Author: Eugene Burkov <[email protected]> Date: Fri Oct 25 13:23:50 2024 +0300 aghos: add stat commit 72d7c0f Author: Eugene Burkov <[email protected]> Date: Thu Oct 24 17:10:30 2024 +0300 aghos: add windows functions
AdguardTeam · Oct 29, 2024 · e77de2e · e77de2e
1 parent e529d29
commit e77de2e
Show file tree

Hide file tree

Showing 20 changed files with 682 additions and 40 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,6 +25,10 @@ See also the [v0.107.54 GitHub milestone][ms-v0.107.54].
 NOTE: Add new changes BELOW THIS COMMENT.
 -->
 
+### Security
+
+- Incorrect handling of sensitive files permissions on Windows ([#7314]).
+
 ### Changed
 
 - Improved filtering performance ([#6818]).
@@ -38,6 +42,7 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 [#6818]: https://github.com/AdguardTeam/AdGuardHome/issues/6818
 [#7250]: https://github.com/AdguardTeam/AdGuardHome/issues/7250
+[#7314]: https://github.com/AdguardTeam/AdGuardHome/issues/7314
 [#7315]: https://github.com/AdguardTeam/AdGuardHome/issues/7315
 [#7338]: https://github.com/AdguardTeam/AdGuardHome/issues/7338
 

diff --git a/internal/aghos/permission.go b/internal/aghos/permission.go
@@ -0,0 +1,50 @@
+package aghos
+
+import (
+	"io/fs"
+	"os"
+)
+
+// TODO(e.burkov):  Add platform-independent tests.
+
+// Chmod is an extension for [os.Chmod] that properly handles Windows access
+// rights.
+func Chmod(name string, perm fs.FileMode) (err error) {
+	return chmod(name, perm)
+}
+
+// Mkdir is an extension for [os.Mkdir] that properly handles Windows access
+// rights.
+func Mkdir(name string, perm fs.FileMode) (err error) {
+	return mkdir(name, perm)
+}
+
+// MkdirAll is an extension for [os.MkdirAll] that properly handles Windows
+// access rights.
+func MkdirAll(path string, perm fs.FileMode) (err error) {
+	return mkdirAll(path, perm)
+}
+
+// WriteFile is an extension for [os.WriteFile] that properly handles Windows
+// access rights.
+func WriteFile(filename string, data []byte, perm fs.FileMode) (err error) {
+	return writeFile(filename, data, perm)
+}
+
+// OpenFile is an extension for [os.OpenFile] that properly handles Windows
+// access rights.
+func OpenFile(name string, flag int, perm fs.FileMode) (file *os.File, err error) {
+	return openFile(name, flag, perm)
+}
+
+// Stat is an extension for [os.Stat] that properly handles Windows access
+// rights.
+//
+// Note that on Windows the "other" permission bits combines the access rights
+// of any trustee that is neither the owner nor the owning group for the file.
+//
+// TODO(e.burkov):  Inspect the behavior for the World (everyone) well-known
+// SID and, perhaps, use it.
+func Stat(name string) (fi fs.FileInfo, err error) {
+	return stat(name)
+}
diff --git a/internal/aghos/permission_unix.go b/internal/aghos/permission_unix.go
@@ -0,0 +1,42 @@
+//go:build unix
+
+package aghos
+
+import (
+	"io/fs"
+	"os"
+
+	"github.com/google/renameio/v2/maybe"
+)
+
+// chmod is a Unix implementation of [Chmod].
+func chmod(name string, perm fs.FileMode) (err error) {
+	return os.Chmod(name, perm)
+}
+
+// mkdir is a Unix implementation of [Mkdir].
+func mkdir(name string, perm fs.FileMode) (err error) {
+	return os.Mkdir(name, perm)
+}
+
+// mkdirAll is a Unix implementation of [MkdirAll].
+func mkdirAll(path string, perm fs.FileMode) (err error) {
+	return os.MkdirAll(path, perm)
+}
+
+// writeFile is a Unix implementation of [WriteFile].
+func writeFile(filename string, data []byte, perm fs.FileMode) (err error) {
+	return maybe.WriteFile(filename, data, perm)
+}
+
+// openFile is a Unix implementation of [OpenFile].
+func openFile(name string, flag int, perm fs.FileMode) (file *os.File, err error) {
+	// #nosec G304 -- This function simply wraps the [os.OpenFile] function, so
+	// the security concerns should be addressed to the [OpenFile] calls.
+	return os.OpenFile(name, flag, perm)
+}
+
+// stat is a Unix implementation of [Stat].
+func stat(name string) (fi os.FileInfo, err error) {
+	return os.Stat(name)
+}