Skip to content

Commit

Permalink
remove permissions check on all files
Browse files Browse the repository at this point in the history
  • Loading branch information
RyanRHall authored and se3000 committed Apr 2, 2020
1 parent 1ef4794 commit b5986a8
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 16 deletions.
23 changes: 18 additions & 5 deletions core/cmd/local_client.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ func (cli *Client) RunNode(c *clipkg.Context) error {
})
store := app.GetStore()
if err := checkFilePermissions(cli.Config.RootDir()); err != nil {
return cli.errorOut(err)
logger.Warn(err)
}
pwd, err := passwordFromFile(c.String("password"))
if err != nil {
Expand Down Expand Up @@ -98,21 +98,34 @@ func loggedStop(app chainlink.Application) {
logger.WarnIf(app.Stop())
}

func checkFilePermissions(directory string) error {
err := filepath.Walk(directory,
func checkFilePermissions(rootDir string) error {
errorMsg := "%s has overly permissive file permissions, should be atleast %s"
keysDir := filepath.Join(rootDir, "tempkeys")
protectedFiles := []string{"secret", "cookie"}
err := filepath.Walk(keysDir,
func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
fileMode := info.Mode().Perm()
if fileMode&^ownerPermsMask != 0 && !fileMode.IsDir() {
return fmt.Errorf("%s has overly permissive file permissions, should be atleast %s", path, ownerPermsMask)
if fileMode&^ownerPermsMask != 0 {
return fmt.Errorf(errorMsg, path, ownerPermsMask)
}
return nil
})
if err != nil {
return err
}
for _, fileName := range protectedFiles {
fileInfo, err := os.Lstat(filepath.Join(rootDir, fileName))
if err != nil {
return err
}
perm := fileInfo.Mode().Perm()
if perm&^ownerPermsMask != 0 {
return fmt.Errorf(errorMsg, fileName, ownerPermsMask)
}
}
return nil
}

Expand Down
12 changes: 1 addition & 11 deletions core/logger/logger.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,6 @@ import (
"go.uber.org/zap/zapcore"
)

// this permission grants read / write accccess to file owners only
const readWritePerms = os.FileMode(0600)

var logger *Logger

func init() {
Expand Down Expand Up @@ -70,11 +67,11 @@ func SetLogger(zl *zap.Logger) {
func CreateProductionLogger(
dir string, jsonConsole bool, lvl zapcore.Level, toDisk bool) *zap.Logger {
config := zap.NewProductionConfig()
destination := logFileURI(dir)
if !jsonConsole {
config.OutputPaths = []string{"pretty://console"}
}
if toDisk {
destination := logFileURI(dir)
config.OutputPaths = append(config.OutputPaths, destination)
config.ErrorOutputPaths = append(config.ErrorOutputPaths, destination)
}
Expand All @@ -84,13 +81,6 @@ func CreateProductionLogger(
if err != nil {
log.Fatal(err)
}

if toDisk {
if err := os.Chmod(destination, readWritePerms); err != nil {
log.Fatal(err)
}
}

return zl
}

Expand Down

0 comments on commit b5986a8

Please sign in to comment.