From a8e52ad89f60741adc474d460724e25bc783dfe5 Mon Sep 17 00:00:00 2001
From: Max Kellermann
Date: Sun, 2 Feb 2014 13:59:07 +0100
Subject: ClientFile: move client_allow_file() into the Client class
---
src/client/Client.hxx | 13 +++++++++++++
src/client/ClientFile.cxx | 5 +----
src/client/ClientFile.hxx | 40 ----------------------------------------
3 files changed, 14 insertions(+), 44 deletions(-)
delete mode 100644 src/client/ClientFile.hxx
(limited to 'src/client')
diff --git a/src/client/Client.hxx b/src/client/Client.hxx
index ec7d2d741..708b0d03d 100644
--- a/src/client/Client.hxx
+++ b/src/client/Client.hxx
@@ -36,6 +36,7 @@ struct sockaddr; class EventLoop; +class Path; struct Partition; class Client final : private FullyBufferedSocket, TimeoutMonitor {
@@ -156,6 +157,18 @@ public: void UnsubscribeAll(); bool PushMessage(const ClientMessage &msg); + /** + * Is this client allowed to use the specified local file? + * + * Note that this function is vulnerable to timing/symlink attacks. + * We cannot fix this as long as there are plugins that open a file by + * its name, and not by file descriptor / callbacks. + * + * @param path_fs the absolute path name in filesystem encoding + * @return true if access is allowed + */ + bool AllowFile(Path path_fs, Error &error) const; + private: /* virtual methods from class BufferedSocket */ virtual InputResult OnSocketInput(void *data, size_t length) override;
diff --git a/src/client/ClientFile.cxx b/src/client/ClientFile.cxx
index bdd9b0426..eba64d09c 100644
--- a/src/client/ClientFile.cxx
+++ b/src/client/ClientFile.cxx
@@ -18,7 +18,6 @@ */ #include "config.h" -#include "ClientFile.hxx" #include "Client.hxx" #include "protocol/Ack.hxx" #include "fs/Path.hxx"
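Review bot: The doc comment that now sits on `Client::AllowFile()` (Client.hxx, `@@ -156,6 +157,18 @@`) documents `path_fs` and the return value but not the `error` out-parameter, and it does not tell callers what a true result is worth given the race it admits to. Since the comment itself says the check is open to timing/symlink races as long as plugins reopen the file by name, I would state that the result is advisory and must not be read as a guarantee about the file that is opened later, and add `@param error set when access is denied` (the WIN32 path visible in ClientFile.cxx sets `ACK_ERROR_PERMISSION` before returning false). Separately, the deleted ClientFile.hxx forward-declared `class Error;` while this commit adds only `class Path;` to Client.hxx; presumably `Error` is already visible through an existing include, but that is not shown here and is worth confirming.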
@@ -29,16 +28,14 @@ #include bool -client_allow_file(const Client &client, Path path_fs, Error &error) +Client::AllowFile(Path path_fs, Error &error) const { #ifdef WIN32 - (void)client; (void)path_fs; error.Set(ack_domain, ACK_ERROR_PERMISSION, "Access denied"); return false; #else - const int uid = client.GetUID(); if (uid >= 0 && (uid_t)uid == geteuid()) /* always allow access if user runs his own MPD instance */
diff --git a/src/client/ClientFile.hxx b/src/client/ClientFile.hxx
deleted file mode 100644
index 5a02a8df7..000000000
--- a/src/client/ClientFile.hxx
+++ /dev/null
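Review bot: With `const int uid = client.GetUID();` removed, the ownership shortcut `if (uid >= 0 && (uid_t)uid == geteuid())` now resolves `uid` to a class member without saying so (presumably the field that `GetUID()` returned), which makes this authorization branch harder to audit. I would keep the accessor or at least make the conversion explicit, `if (uid >= 0 && static_cast<uid_t>(uid) == geteuid())`, and record the sentinel with a comment such as `/* uid < 0 presumably means the peer's uid is unknown; confirm where uid is set */`. The body of `Client::AllowFile()` continues past the end of this hunk, so the checks that the header comment's timing/symlink warning refers to are not visible here.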
@@ -1,40 +0,0 @@
-/*
- * Copyright (C) 2003-2014 The Music Player Daemon Project
- * http://www.musicpd.org
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#ifndef MPD_CLIENT_FILE_HXX
-#define MPD_CLIENT_FILE_HXX
-
-class Client;
-class Path;
-class Error;
-
-/**
- * Is this client allowed to use the specified local file?
- *
- * Note that this function is vulnerable to timing/symlink attacks.
- * We cannot fix this as long as there are plugins that open a file by
- * its name, and not by file descriptor / callbacks.
- *
- * @param path_fs the absolute path name in filesystem encoding
- * @return true if access is allowed
- */
-bool
-client_allow_file(const Client &client, Path path_fs, Error &error);
-
-#endif
-- cgit v1.2.3