Recent

Author Topic: TUniqueInstance - permissions of a pipe  (Read 814 times)

AlexTP

  • Hero Member
  • *****
  • Posts: 2383
    • UVviewsoft
TUniqueInstance - permissions of a pipe
« on: April 19, 2022, 08:37:26 pm »
I use SUBJ component and it's creating its pipe with such permissions

Code: Pascal  [Select][+][-]
  1. user@PC:~$ ls /tmp/tun*
  2. /tmp/tuniqueinstance_cudatext.0
  3. user@PC:~$ ls -l /tmp/tun*
  4. prw-rw-r-- 1 user user 0 апр 19 21:34 /tmp/tuniqueinstance_cudatext.0
  5. user@PC:~$
  6.  

user of my text editor asked, what if some bad person (from the group) will write to that pipe? what is one (any)  reads from this pipe?

We need permissions rw------- here.

AlexTP

  • Hero Member
  • *****
  • Posts: 2383
    • UVviewsoft
Re: TUniqueInstance - permissions of a pipe
« Reply #1 on: April 19, 2022, 08:51:10 pm »
Pipe is made here:

fpcsrc/packages/fcl-process/src/unix/simpleipc.inc

Code: Pascal  [Select][+][-]
  1. procedure TPipeClientComm.Connect;
  2. begin
  3.   If Not ServerRunning then
  4.     DoError(SErrServerNotActive,[Owner.ServerID]);
  5.   // Use the sharedenynone line to allow more then one client
  6.   // communicating with one server at the same time
  7.   // see also mantis 15219
  8.   FStream:=TFileStream.Create(FFileName,fmOpenWrite+fmShareDenyNone);
  9.   // FStream:=TFileStream.Create(FFileName,fmOpenWrite);
  10. end;
  11.  


PascalDragon

  • Hero Member
  • *****
  • Posts: 5446
  • Compiler Developer
Re: TUniqueInstance - permissions of a pipe
« Reply #2 on: April 20, 2022, 11:03:30 am »
The mode flags would then need to be controlled from the outside, cause there can be use cases where the current behavior is indeed the intended behavior (e.g. client applications communicating with a service where both share the same group).

AlexTP

  • Hero Member
  • *****
  • Posts: 2383
    • UVviewsoft
Re: TUniqueInstance - permissions of a pipe
« Reply #3 on: April 20, 2022, 11:07:14 am »
Yes, agreed: let's control it from the outsude. I will call Unix api to set permissions. In {$ifdef unix}.
What property for filename should I use?

PascalDragon

  • Hero Member
  • *****
  • Posts: 5446
  • Compiler Developer
Re: TUniqueInstance - permissions of a pipe
« Reply #4 on: April 20, 2022, 11:19:58 am »
  • the file is already Unix specific, no need for ifdef UNIX
  • TFileStream.Create has an overload that allows setting the mode flags directly
  • you need to modify TPipeServerComm not TPipeClientComm as it's the former that creates the pipe
  • TPipeServerComm already has a mechanism for this and it's controlled by the TSimpleIPCServer.Global property which is False by default, so maybe UniqueInstance or someone else sets that to True

AlexTP

  • Hero Member
  • *****
  • Posts: 2383
    • UVviewsoft
Re: TUniqueInstance - permissions of a pipe
« Reply #5 on: April 20, 2022, 11:24:03 am »
- in any way, I need modification of FPC code, so I need the FPC fix
- it is not enough to change Global for GetTempDir(Owner.Global), because here, on Ubuntu, I get in GetTempDir(false) the same value of '/tmp/'.

PascalDragon

  • Hero Member
  • *****
  • Posts: 5446
  • Compiler Developer
Re: TUniqueInstance - permissions of a pipe
« Reply #6 on: April 20, 2022, 11:38:34 am »
- in any way, I need modification of FPC code, so I need the FPC fix
- it is not enough to change Global for GetTempDir(Owner.Global), because here, on Ubuntu, I get in GetTempDir(false) the same value of '/tmp/'.

I don't see a need for a fix on FPC side here: GetTempDir simply returns what is set in the environment. So /tmp is probably writeable by your user anway (did you even try?), it is for me for example. If you're not happy with that then set SysUtils.OnGetTempDir and provide your own implementation.

AlexTP

  • Hero Member
  • *****
  • Posts: 2383
    • UVviewsoft
Re: TUniqueInstance - permissions of a pipe
« Reply #7 on: April 20, 2022, 01:07:53 pm »
Okay, GetTempDir(false) is giving /tmp/ here. It is OK path. Now I want to set permissions to the pipe object in /tmp/ - how can I get filename of that pipe? I don't see how I can edit TUniqueInstance code to get the filename.

 

TinyPortal © 2005-2018