Marmelator/persistence-service
1
0
Fork 0
Code Issues Pull Requests 17 Actions Packages Projects Releases 1.1k Wiki Activity

RED-2315: made sure publicly writable directories are used safely

Browse Source
This commit is contained in:
aoezyetimoglu 2021-09-29 17:28:43 +02:00
parent 63f0feb667
commit 0255c717c8
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/utils/FileSystemBackedArchiver.java
View File

@ -6,6 +6,10 @@ import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import java.io.*;
import java.nio.file.Files;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
@ -22,7 +26,8 @@ public class FileSystemBackedArchiver implements AutoCloseable {
@SneakyThrows
public FileSystemBackedArchiver() {
tempFile = File.createTempFile("archive", ".zip");
FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"));
tempFile = Files.createTempFile("archive", ".zip", attr).toFile();
zipOutputStream = new ZipOutputStream(new FileOutputStream(tempFile));
}