create files with reduced permissions when possible

2010-11-24 Omair Majid <omajid@redhat.com> * netx/net/sourceforge/jnlp/util/FileUtils.java (createRestrictedDirectory): New method. Creates a directory with reduced permissions. (createRestrictedFile(File,boolean)): New method. Creates a file with reduced permissions. (createRestrictedFile(File,boolean,boolean): New method. Creates a file or a directory with reduced permissions. * netx/net/sourceforge/jnlp/Launcher.java (markNetxRunning): Do not grant unnecessary file permissions. * netx/net/sourceforge/jnlp/runtime/Boot.java: Remove umask from help message. * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (activateNative): Create file with proper permissions. (getNativeDir): Create directory with proper permissions. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initializeStreams): Create files with proper permissions. * netx/net/sourceforge/jnlp/security/CertWarningPane.java (CheckBoxListener.actionPerformed): Likewise. * netx/net/sourceforge/jnlp/security/KeyStores.java (createKeyStoreFromFile): Likewise. * netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java (ImportButtonListener.actionPerformed): Likewise. (RemoveButtonListener.actionPerformed): Likewise. * netx/net/sourceforge/jnlp/services/SingleInstanceLock.java (createWithPort): Likewise. (getLockFile): Likewise. * netx/net/sourceforge/jnlp/services/XExtendedService.java (openFile): Likewise. * netx/net/sourceforge/jnlp/services/XPersistenceService.java (create): Likewise. * netx/net/sourceforge/jnlp/util/XDesktopEntry.java (installDesktopLauncher): Likewise. * netx/net/sourceforge/jnlp/resources/Messages.properties: Add CantCreateFile, RCantCreateDir and RCantRename. Remove BNoBase and BOUmask.
author: Omair Majid <omajid@redhat.com> 2010-11-24 15:47:50 -0500
committer: Omair Majid <omajid@redhat.com> 2010-11-24 15:47:50 -0500
commit: 96560e4426643be5805fe106764da8f3d1f09613 (patch)
tree: b391c5912ef4254af4977c3a45eead7c0b376b4c /netx/net/sourceforge/jnlp/security/KeyStores.java
parent: 8a4ac3f07e3a60a8cf34fbe12b1b05219e865bf0 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/security/KeyStores.java b/netx/net/sourceforge/jnlp/security/KeyStores.java
index 05bc150..de4aff3 100644
--- a/netx/net/sourceforge/jnlp/security/KeyStores.java
+++ b/netx/net/sourceforge/jnlp/security/KeyStores.java
@@ -53,6 +53,7 @@ import java.util.StringTokenizer;
 import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.runtime.Translator;
+import net.sourceforge.jnlp.util.FileUtils;
 
 /**
  * The <code>KeyStores</code> class allows easily accessing the various KeyStores
@@ -339,6 +340,8 @@ public final class KeyStores {
                 if (!parent.isDirectory() && !parent.mkdirs()) {
                     throw new IOException("unable to create " + parent);
                 }
+                FileUtils.createRestrictedFile(file, true);
+
                 ks = KeyStore.getInstance(KEYSTORE_TYPE);
                 ks.load(null, password.toCharArray());
                 FileOutputStream fos = new FileOutputStream(file);
author	Omair Majid <omajid@redhat.com>	2010-11-24 15:47:50 -0500
committer	Omair Majid <omajid@redhat.com>	2010-11-24 15:47:50 -0500
commit	96560e4426643be5805fe106764da8f3d1f09613 (patch)
tree	b391c5912ef4254af4977c3a45eead7c0b376b4c /netx/net/sourceforge/jnlp/security/KeyStores.java
parent	8a4ac3f07e3a60a8cf34fbe12b1b05219e865bf0 (diff)