Ensure the passed daemon directory has the right permissions (#3)

Author: alexarchambault

library/src/libdaemonjvm/LockFiles.scala

@@ -1,11 +1,13 @@
 package libdaemonjvm
 
+import java.io.IOException
 import java.nio.channels.FileChannel
 import java.nio.file.{Files, Path}
-import java.nio.channels.FileLock
-import java.nio.channels.ClosedChannelException
-import java.io.IOException
+import java.nio.channels.{ClosedChannelException, FileLock}
+import java.nio.file.attribute.PosixFilePermission
 import java.nio.file.StandardOpenOption
+import scala.collection.JavaConverters._
+import scala.util.Properties
 
 final case class LockFiles(
   lockFile: Path,
@@ -38,9 +40,39 @@ final case class LockFiles(
 }
 
 object LockFiles {
+
+  private val forbiddenPermissions = {
+    import PosixFilePermission._
+    Set(
+      GROUP_READ,
+      GROUP_WRITE,
+      GROUP_EXECUTE,
+      OTHERS_READ,
+      OTHERS_WRITE,
+      OTHERS_EXECUTE
+    )
+  }
+
   def under(dir: Path, windowsPipeName: String): LockFiles =
     under(dir, windowsPipeName, addPipePrefix = true)
   def under(dir: Path, windowsPipeName: String, addPipePrefix: Boolean): LockFiles =
+    under(dir, windowsPipeName, addPipePrefix, checkPermissions = true)
+  def under(
+    dir: Path,
+    windowsPipeName: String,
+    addPipePrefix: Boolean,
+    checkPermissions: Boolean
+  ): LockFiles = {
+    // FIXME Java 16 support on Windows also uses actual files on disk AFAIK.
+    // So we might need to check permissions there too.
+    if (checkPermissions && !Properties.isWin) {
+      val perms   = Files.getPosixFilePermissions(dir).asScala.toSet
+      val invalid = perms.intersect(forbiddenPermissions)
+      if (invalid.nonEmpty)
+        throw new IllegalArgumentException(
+          s"$dir has invalid permissions ${invalid.map(_.name()).toVector.sorted.mkString(", ")}"
+        )
+    }
     LockFiles(
       lockFile = dir.resolve("lock"),
       pidFile = dir.resolve("pid"),
@@ -49,4 +81,5 @@ object LockFiles {
         if (addPipePrefix) "\\\\.\\pipe\\" + windowsPipeName else windowsPipeName
       )
     )
+  }
 }

manual/server/src/libdaemonjvm/TestServer.scala

@@ -1,19 +1,34 @@
 package libdaemonjvm
 
-import java.nio.file.Paths
+import java.io.IOException
+import java.nio.file.{Files, Paths}
+import java.nio.file.attribute.PosixFilePermission
+import java.util.concurrent.atomic.AtomicInteger
 
 import scala.concurrent.duration._
-import java.util.concurrent.atomic.AtomicInteger
+import scala.jdk.CollectionConverters._
+import scala.util.Properties
 
 import libdaemonjvm.internal.SocketFile
 import libdaemonjvm.server.Lock
-import java.io.IOException
 
 object TestServer {
   val delay          = 2.seconds
   def runTestClients = false
   def main(args: Array[String]): Unit = {
-    val files = LockFiles.under(Paths.get("data-dir"), "libdaemonjvm\\test-server-client\\pipe")
+    val path = Paths.get("data-dir")
+    if (!Properties.isWin) {
+      Files.createDirectories(path)
+      Files.setPosixFilePermissions(
+        path,
+        Set(
+          PosixFilePermission.OWNER_READ,
+          PosixFilePermission.OWNER_WRITE,
+          PosixFilePermission.OWNER_EXECUTE
+        ).asJava
+      )
+    }
+    val files = LockFiles.under(path, "libdaemonjvm\\test-server-client\\pipe")
     val incomingConn = Lock.tryAcquire(files) match {
       case Left(e)         => throw e
       case Right(Left(s))  => () => s.accept()

tests/test/src/libdaemonjvm/tests/TestUtil.scala

@@ -32,11 +32,16 @@ object TestUtil {
     dir
   }
 
-  def lockFiles(dir: os.Path): LockFiles =
+  def lockFiles(dir: os.Path): LockFiles = {
+    if (!Properties.isWin) {
+      os.makeDir.all(dir)
+      os.perms.set(dir, "rwx------")
+    }
     LockFiles.under(
       dir.toNIO,
       "libdaemonjvm-tests-" + dir.segments.toVector.drop(dir.segmentCount - 2).mkString("-")
     )
+  }
 
   private val count = new AtomicInteger
   def withTestDir[T](f: os.Path => T): T = {