Skip to content

Commit

Permalink
repl: create history file with mode 0600
Browse files Browse the repository at this point in the history
Set the mode bits on the history file to 0o600 instead of leaving it
unspecified, which resulted in 0o755 on Unices.

Test code mostly written by Trott:
#3392 (comment).

PR-URL: #3394
Fixes: #3392
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Roman Reiss <[email protected]>
Reviewed-By: Jeremiah Senkpiel <[email protected]>
Reviewed-By: Santiago Gimeno <[email protected]>
Reviewed-By: James M Snell <[email protected]>
  • Loading branch information
XeCycle authored and evanlucas committed May 17, 2016
1 parent 49af20c commit 6353579
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 1 deletion.
5 changes: 4 additions & 1 deletion lib/internal/repl.js
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,10 @@ function setupHistory(repl, historyPath, oldHistoryPath, ready) {
var writing = false;
var pending = false;
repl.pause();
fs.open(historyPath, 'a+', oninit);
// History files are conventionally not readable by others:
// https://github.com/nodejs/node/issues/3392
// https://github.com/nodejs/node/pull/3394
fs.open(historyPath, 'a+', 0o0600, oninit);

function oninit(err, hnd) {
if (err) {
Expand Down
53 changes: 53 additions & 0 deletions test/parallel/test-repl-history-perm.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
'use strict';
// Flags: --expose_internals

const common = require('../common');

if (common.isWindows) {
console.log('1..0 # Skipped: Win32 uses ACLs for file permissions, ' +
'modes are always 0666 and says nothing about group/other ' +
'read access.');
return;
}

const assert = require('assert');
const path = require('path');
const fs = require('fs');
const repl = require('internal/repl');
const Duplex = require('stream').Duplex;
// Invoking the REPL should create a repl history file at the specified path
// and mode 600.

var stream = new Duplex();
stream.pause = stream.resume = function() {};
// ends immediately
stream._read = function() {
this.push(null);
};
stream._write = function(c, e, cb) {
cb();
};
stream.readable = stream.writable = true;

common.refreshTmpDir();
const replHistoryPath = path.join(common.tmpDir, '.node_repl_history');

const checkResults = common.mustCall(function(err, r) {
if (err)
throw err;
r.input.end();
const stat = fs.statSync(replHistoryPath);
assert.strictEqual(
stat.mode & 0o777, 0o600,
'REPL history file should be mode 0600');
});

repl.createInternalRepl(
{NODE_REPL_HISTORY: replHistoryPath},
{
terminal: true,
input: stream,
output: stream
},
checkResults
);

0 comments on commit 6353579

Please sign in to comment.