RepoMirrors/tdesktop
1
0
Fork 0
mirror of https://github.com/telegramdesktop/tdesktop synced 2025-03-25 04:38:23 +00:00
Code Issues Projects Releases Wiki Activity

Fix CVE-2016-10351: Insecure cWorkingDir permissions.

Browse Source 
Set 700 permisson on dir on every start.

Signed-off-by: Alexander GQ Gerasiov <gq@cs.msu.su>
This commit is contained in:
Alexander GQ Gerasiov 2017-08-28 01:03:06 +03:00 committed by John Preston
parent 5d5b89c82d
commit 07106897a6
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Telegram/SourceFiles/settings.h
View File

@ -79,7 +79,12 @@ DeclareReadSetting(LaunchMode, LaunchMode);
DeclareSetting(QString, WorkingDir);
inline void cForceWorkingDir(const QString &newDir) {
cSetWorkingDir(newDir);
if (!gWorkingDir.isEmpty()) QDir().mkpath(gWorkingDir);
if (!gWorkingDir.isEmpty()) {
QDir().mkpath(gWorkingDir);
QFile::setPermissions(gWorkingDir,
QFileDevice::ReadUser | QFileDevice::WriteUser | QFileDevice::ExeUser);
}
}
DeclareReadSetting(QString, ExeName);
DeclareReadSetting(QString, ExeDir);