
Make sure all directories are not readable by baddies (dejavu wk1#0).

Closes #2509.
Remove neth :(. Who knows, perhaps not forever...
cl-refactor
Gav Wood 10 years ago
parent
commit
51f887aac5
  1. 17
      CMakeLists.txt
  2. 5
      alethzero/NatspecHandler.cpp
  3. 8
      libdevcore/TransientDirectory.cpp
  4. 2
      libdevcrypto/SecretStore.cpp
  5. 5
      libethereum/BlockChain.cpp
  6. 1
      libethereum/State.cpp
  7. 6
      libethereum/Utility.cpp
  8. 4
      libweb3jsonrpc/WebThreeStubServer.cpp
  9. 5
      libwhisper/WhisperDB.cpp
  10. 26
      neth/CMakeLists.txt
  11. 1497
      neth/main.cpp

17
CMakeLists.txt

@ -38,7 +38,6 @@ option(ETHKEY "Build the CLI key manager component" ON)
option(SOLIDITY "Build the Solidity language components" ON)
option(SERPENT "Build the Serpent language components" ON)
option(TOOLS "Build the tools components" ON)
option(NCURSES "Build the NCurses components" OFF)
option(GUI "Build GUI components (AlethZero, Mix)" ON)
option(TESTS "Build the tests." ON)
option(NOBOOST "No use of boost macros in test functions" OFF)
@ -209,7 +208,6 @@ eth_format_option(ETHKEY)
eth_format_option(ETHASHCL)
eth_format_option(JSCONSOLE)
eth_format_option_on_decent_platform(SERPENT)
eth_format_option_on_decent_platform(NCURSES)
if (JSCONSOLE)
set(JSONRPC ON)
@ -227,7 +225,6 @@ if (BUNDLE STREQUAL "minimal")
set(SOLIDITY OFF)
set(USENPM OFF)
set(GUI OFF)
set(NCURSES OFF)
set(TOOLS ON)
set(TESTS OFF)
elseif (BUNDLE STREQUAL "full")
@ -235,7 +232,6 @@ elseif (BUNDLE STREQUAL "full")
set(SOLIDITY ON)
set(USENPM ON)
set(GUI ON)
# set(NCURSES ${DECENT_PLATFORM})
set(TOOLS ON)
set(TESTS ON)
set(FATDB ON)
@ -244,7 +240,6 @@ elseif (BUNDLE STREQUAL "cli")
set(SOLIDITY ON)
set(USENPM ON)
set(GUI OFF)
# set(NCURSES ${DECENT_PLATFORM})
set(TOOLS ON)
set(TESTS ON)
set(FATDB ON)
@ -253,7 +248,6 @@ elseif (BUNDLE STREQUAL "core")
set(SOLIDITY ON)
set(USENPM OFF)
set(GUI ON)
set(NCURSES OFF)
set(TOOLS ON)
set(TESTS OFF)
set(FATDB ON)
@ -262,7 +256,6 @@ elseif (BUNDLE STREQUAL "tests")
set(SOLIDITY ON)
set(USENPM OFF)
set(GUI OFF)
set(NCURSES OFF)
set(TOOLS OFF)
set(TESTS ON)
set(FATDB ON)
@ -271,7 +264,6 @@ elseif (BUNDLE STREQUAL "user")
set(SOLIDITY OFF)
set(USENPM OFF)
set(GUI ON)
# set(NCURSES ${DECENT_PLATFORM})
set(TOOLS ON)
set(TESTS OFF)
elseif (BUNDLE STREQUAL "wallet")
@ -279,7 +271,6 @@ elseif (BUNDLE STREQUAL "wallet")
set(SOLIDITY OFF)
set(USENPM OFF)
set(GUI OFF)
set(NCURSES OFF)
set(TOOLS OFF)
set(TESTS OFF)
set(ETHKEY ON)
@ -290,7 +281,6 @@ elseif (BUNDLE STREQUAL "miner")
set(SOLIDITY OFF)
set(USENPM OFF)
set(GUI OFF)
set(NCURSES OFF)
set(TOOLS OFF)
set(TESTS OFF)
set(ETHKEY OFF)
@ -338,7 +328,6 @@ message("-- TOOLS Build basic tools ${TOOLS}")
message("-- SOLIDITY Build Solidity language components ${SOLIDITY}")
message("-- SERPENT Build Serpent language components ${SERPENT}")
message("-- GUI Build GUI components ${GUI}")
message("-- NCURSES Build NCurses components ${NCURSES}")
message("-- TESTS Build tests ${TESTS}")
message("-- ETHASHCL Build OpenCL components (experimental!) ${ETHASHCL}")
message("-- JSCONSOLE Build with javascript console ${JSCONSOLE}")
@ -373,7 +362,7 @@ if (EVMJIT)
add_subdirectory(evmjit)
endif()
if (TOOLS OR GUI OR SOLIDITY OR NCURSES OR TESTS)
if (TOOLS OR GUI OR SOLIDITY OR TESTS)
set(GENERAL 1)
else ()
set(GENERAL 0)
@ -469,10 +458,6 @@ if (TOOLS)
endif()
#if (NCURSES)
# add_subdirectory(neth)
#endif ()
if (GUI)
add_subdirectory(libnatspec)

5
alethzero/NatspecHandler.cpp

@ -29,15 +29,16 @@
#include <libdevcore/Log.h>
#include <libdevcore/SHA3.h>
#include <libethereum/Defaults.h>
using namespace dev;
using namespace dev::eth;
using namespace std;
namespace fs = boost::filesystem;
NatspecHandler::NatspecHandler()
{
string path = Defaults::dbPath();
boost::filesystem::create_directories(path);
fs::create_directories(path);
fs::permissions(path, fs::owner_all);
ldb::Options o;
o.create_if_missing = true;
ldb::DB::Open(o, path + "/natspec", &m_db);
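Review bot: `fs::permissions(path, fs::owner_all)` runs after `fs::create_directories(path)` and touches only the leaf, so any parent directories that call creates keep the umask-default mode and the leaf itself is briefly more open than intended. The same pair of calls is repeated in TransientDirectory.cpp, SecretStore.cpp, BlockChain.cpp, State.cpp, Utility.cpp, WebThreeStubServer.cpp and WhisperDB.cpp, which makes it easy to miss a site later; one shared helper for creating a private directory would keep them in step. It is also the throwing overload, called inside a constructor: if the directory already exists but cannot be chmod'ed (owned by another account, or a filesystem without POSIX modes), construction now fails where it used to succeed. Either use the `error_code` overload and log, or record that failing closed is intended with a comment such as `// Owner-only: refuse to continue if the data dir cannot be made private.`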

8
libdevcore/TransientDirectory.cpp

@ -27,6 +27,7 @@
#include "Log.h"
using namespace std;
using namespace dev;
namespace fs = boost::filesystem;
TransientDirectory::TransientDirectory():
TransientDirectory((boost::filesystem::temp_directory_path() / "eth_transient" / toString(FixedHash<4>::random())).string())
@ -39,13 +40,14 @@ TransientDirectory::TransientDirectory(std::string const& _path):
if (boost::filesystem::exists(m_path))
BOOST_THROW_EXCEPTION(FileError());
boost::filesystem::create_directories(m_path);
fs::create_directories(m_path);
fs::permissions(m_path, fs::owner_all);
}
TransientDirectory::~TransientDirectory()
{
boost::system::error_code ec;
boost::filesystem::remove_all(m_path, ec);
fs::remove_all(m_path, ec);
if (!ec)
return;
@ -56,7 +58,7 @@ TransientDirectory::~TransientDirectory()
this_thread::sleep_for(chrono::milliseconds(10));
ec.clear();
boost::filesystem::remove_all(m_path, ec);
fs::remove_all(m_path, ec);
if (!ec)
cwarn << "Failed to delete directory '" << m_path << "': " << ec.message();
}
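Review bot: Only `m_path` is restricted in the constructor, while the default constructor builds that path under `temp_directory_path() / "eth_transient"`, so the shared `eth_transient` parent in the system temp directory keeps its default mode and may already exist under another account's ownership. Consider verifying or restricting that parent as well, or creating the random leaf directly under the temp directory. If `fs::permissions` throws here the destructor never runs, so the directory that was just created is left behind; the `error_code` overload followed by explicit cleanup avoids that. Separately, the last context lines of the destructor read `if (!ec) cwarn << "Failed to delete directory ..."`, which appears inverted because it warns when removal succeeded; `if (ec)` looks like what was meant, though the retry code between the two hunks is not visible here.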

2
libdevcrypto/SecretStore.cpp

@ -137,6 +137,7 @@ void SecretStore::save(string const& _keysPath)
{
fs::path p(_keysPath);
fs::create_directories(p);
fs::permissions(p, fs::owner_all);
for (auto& k: m_keys)
{
string uuid = toUUID(k.first);
@ -158,6 +159,7 @@ void SecretStore::load(string const& _keysPath)
{
fs::path p(_keysPath);
fs::create_directories(p);
fs::permissions(p, fs::owner_all);
for (fs::directory_iterator it(p); it != fs::directory_iterator(); ++it)
if (fs::is_regular_file(it->path()))
readKey(it->path().string(), true);
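Review bot: `SecretStore::load` now creates and chmods the keys directory as a side effect of reading, and it does so with the throwing overload before any key is read, so a keystore on read-only media or one owned by another account would stop loading entirely. For `load` it may be enough to check the mode and warn rather than change it. In `save`, the directory mode is the only protection visible in this hunk; the per-key files are written further down, outside the hunk, and it is worth confirming they are created owner-only as well rather than relying on the directory alone. A short comment at both sites such as `// Key material: directory must be owner-only (0700).` would record the intent.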

5
libethereum/BlockChain.cpp

@ -42,11 +42,11 @@
#include "State.h"
#include "Utility.h"
#include "Defaults.h"
using namespace std;
using namespace dev;
using namespace dev::eth;
namespace js = json_spirit;
namespace fs = boost::filesystem;
#define ETH_CATCH 1
#define ETH_TIMED_IMPORTS 1
@ -156,7 +156,8 @@ unsigned BlockChain::open(std::string const& _path, WithExisting _we)
string chainPath = path + "/" + toHex(m_genesisHash.ref().cropped(0, 4));
string extrasPath = chainPath + "/" + toString(c_databaseVersion);
boost::filesystem::create_directories(extrasPath);
fs::create_directories(extrasPath);
fs::permissions(extrasPath, fs::owner_all);
bytes status = contents(extrasPath + "/minor");
unsigned lastMinor = c_minorProtocolVersion;
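Review bot: In `BlockChain::open` only `extrasPath` is restricted, but it is nested under `chainPath`, which `create_directories` may also have just created and which keeps its default mode. The rename in Utility.cpp places the blocks database at `chainPath + "/blocks"`, so if it is opened from there in this function (not visible in the hunk) it stays readable by other local users. Adding `fs::permissions(chainPath, fs::owner_all);` next to the new line would cover it. The function body continues beyond the hunk on both sides.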

1
libethereum/State.cpp

@ -67,6 +67,7 @@ OverlayDB State::openDB(std::string const& _basePath, h256 const& _genesisHash,
path += "/" + toHex(_genesisHash.ref().cropped(0, 4)) + "/" + toString(c_databaseVersion);
boost::filesystem::create_directories(path);
fs::permissions(path, fs::owner_all);
ldb::Options o;
o.max_open_files = 256;
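Review bot: The added `fs::permissions(path, fs::owner_all);` uses the `fs` alias, but this section adds no `namespace fs = boost::filesystem;` the way the other files in the commit do, and the line above still spells out `boost::filesystem::create_directories(path);`. If the alias is not already declared earlier in State.cpp this will not compile. Either way, writing the preceding call as `fs::create_directories(path);` would match the other call sites. `State::openDB` starts and ends outside the hunk.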

6
libethereum/Utility.cpp

@ -113,12 +113,14 @@ void dev::eth::upgradeDatabase(std::string const& _basePath, h256 const& _genesi
// write status
if (!fs::exists(chainPath + "/blocks"))
{
boost::filesystem::create_directories(chainPath);
fs::create_directories(chainPath);
fs::permissions(chainPath, fs::owner_all);
fs::rename(path + "/blocks", chainPath + "/blocks");
if (!fs::exists(extrasPath + "/extras"))
{
boost::filesystem::create_directories(extrasPath);
fs::create_directories(extrasPath);
fs::permissions(extrasPath, fs::owner_all);
fs::rename(path + "/details", extrasPath + "/extras");
fs::rename(path + "/state", extrasPath + "/state");
writeFile(extrasPath + "/minor", rlp(minorProtocolVersion));

4
libweb3jsonrpc/WebThreeStubServer.cpp

@ -34,6 +34,7 @@
using namespace std;
using namespace dev;
using namespace dev::eth;
namespace fs = boost::filesystem;
bool isHex(std::string const& _s)
{
@ -56,7 +57,8 @@ WebThreeStubServer::WebThreeStubServer(jsonrpc::AbstractServerConnector& _conn,
m_gp(_gp)
{
auto path = getDataDir() + "/.web3";
boost::filesystem::create_directories(path);
fs::create_directories(path);
fs::permissions(path, fs::owner_all);
ldb::Options o;
o.create_if_missing = true;
ldb::DB::Open(o, path, &m_db);

5
libwhisper/WhisperDB.cpp

@ -22,16 +22,17 @@
#include "WhisperDB.h"
#include <boost/filesystem.hpp>
#include <libdevcore/FileSystem.h>
using namespace std;
using namespace dev;
using namespace dev::shh;
namespace fs = boost::filesystem;
WhisperDB::WhisperDB()
{
m_readOptions.verify_checksums = true;
string path = dev::getDataDir("shh");
boost::filesystem::create_directories(path);
fs::create_directories(path);
fs::permissions(path, fs::owner_all);
leveldb::Options op;
op.create_if_missing = true;
op.max_open_files = 256;

26
neth/CMakeLists.txt

@ -1,26 +0,0 @@
cmake_policy(SET CMP0015 NEW)
aux_source_directory(. SRC_LIST)
include_directories(BEFORE ..)
include_directories(${JSON_RPC_CPP_INCLUDE_DIRS})
include_directories(${DB_INCLUDE_DIRS})
include_directories(${Boost_INCLUDE_DIRS})
set(EXECUTABLE neth)
add_executable(${EXECUTABLE} ${SRC_LIST})
add_dependencies(${EXECUTABLE} BuildInfo.h)
if (JSONRPC)
target_link_libraries(${EXECUTABLE} web3jsonrpc)
endif()
target_link_libraries(${EXECUTABLE} webthree)
target_link_libraries(${EXECUTABLE} ethereum)
target_link_libraries(${EXECUTABLE} ncurses)
target_link_libraries(${EXECUTABLE} form)
install( TARGETS ${EXECUTABLE} DESTINATION bin )

1497
neth/main.cpp

File diff suppressed because it is too large