Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 4c1eb5b

Browse filesBrowse files
XeCycleMyles Borins
XeCycle
authored and
Myles Borins
committed
repl: create history file with mode 0600
Set the mode bits on the history file to 0o600 instead of leaving it unspecified, which resulted in 0o755 on Unices. Test code mostly written by Trott: #3392 (comment). PR-URL: #3394 Fixes: #3392 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent de00f91 commit 4c1eb5b
Copy full SHA for 4c1eb5b

File tree

Expand file treeCollapse file tree

2 files changed

+57
-1
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

2 files changed

+57
-1
lines changed
Open diff view settings
Collapse file

‎lib/internal/repl.js‎

Copy file name to clipboardExpand all lines: lib/internal/repl.js
+4-1Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,10 @@ function setupHistory(repl, historyPath, oldHistoryPath, ready) {
9393
var writing = false;
9494
var pending = false;
9595
repl.pause();
96-
fs.open(historyPath, 'a+', oninit);
96+
// History files are conventionally not readable by others:
97+
// https://github.com/nodejs/node/issues/3392
98+
// https://github.com/nodejs/node/pull/3394
99+
fs.open(historyPath, 'a+', 0o0600, oninit);
97100

98101
function oninit(err, hnd) {
99102
if (err) {
Collapse file

‎test/parallel/test-repl-history-perm.js‎

Copy file name to clipboard
+53Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
'use strict';
2+
// Flags: --expose_internals
3+
4+
const common = require('../common');
5+
6+
if (common.isWindows) {
7+
console.log('1..0 # Skipped: Win32 uses ACLs for file permissions, ' +
8+
'modes are always 0666 and says nothing about group/other ' +
9+
'read access.');
10+
return;
11+
}
12+
13+
const assert = require('assert');
14+
const path = require('path');
15+
const fs = require('fs');
16+
const repl = require('internal/repl');
17+
const Duplex = require('stream').Duplex;
18+
// Invoking the REPL should create a repl history file at the specified path
19+
// and mode 600.
20+
21+
var stream = new Duplex();
22+
stream.pause = stream.resume = function() {};
23+
// ends immediately
24+
stream._read = function() {
25+
this.push(null);
26+
};
27+
stream._write = function(c, e, cb) {
28+
cb();
29+
};
30+
stream.readable = stream.writable = true;
31+
32+
common.refreshTmpDir();
33+
const replHistoryPath = path.join(common.tmpDir, '.node_repl_history');
34+
35+
const checkResults = common.mustCall(function(err, r) {
36+
if (err)
37+
throw err;
38+
r.input.end();
39+
const stat = fs.statSync(replHistoryPath);
40+
assert.strictEqual(
41+
stat.mode & 0o777, 0o600,
42+
'REPL history file should be mode 0600');
43+
});
44+
45+
repl.createInternalRepl(
46+
{NODE_REPL_HISTORY: replHistoryPath},
47+
{
48+
terminal: true,
49+
input: stream,
50+
output: stream
51+
},
52+
checkResults
53+
);

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.