Bug 1337007 - Clear umask while updating on OSX r=rstrong,spohl
authorDoug Thayer <dothayer@mozilla.com>
Fri, 26 May 2017 14:45:34 -0700
changeset 410213 b055ba326f1f2930f1ca12e1927f21521fa07b80
parent 410212 bff272abb590192d6e7fefbdfe050f59fcbb4c7d
child 410214 96ec270d7778bc59e6deb145ac6ff400090b9d28
push id7391
push usermtabara@mozilla.com
push dateMon, 12 Jun 2017 13:08:53 +0000
treeherdermozilla-beta@2191d7f87e2e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrstrong, spohl
bugs1337007
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1337007 - Clear umask while updating on OSX r=rstrong,spohl On OSX, we want the updater to behave the same as when a user drags a .dmg to the /Applications directory. When the user does this, OSX does not follow their umask settings, assuming the user wants to install the application for all users. The updater should behave similarly. MozReview-Commit-ID: JXFI9mW9erL
toolkit/mozapps/update/updater/updater.cpp
--- a/toolkit/mozapps/update/updater/updater.cpp
+++ b/toolkit/mozapps/update/updater/updater.cpp
@@ -213,16 +213,44 @@ struct MARChannelStringTable {
     MARChannelID[0] = '\0';
   }
 
   char MARChannelID[MAX_TEXT_LEN];
 };
 
 //-----------------------------------------------------------------------------
 
+#ifdef XP_MACOSX
+
+// Just a simple class that sets a umask value in its constructor and resets
+// it in its destructor.
+class UmaskContext
+{
+public:
+  explicit UmaskContext(mode_t umaskToSet);
+  ~UmaskContext();
+
+private:
+  mode_t mPreviousUmask;
+};
+
+UmaskContext::UmaskContext(mode_t umaskToSet)
+{
+  mPreviousUmask = umask(umaskToSet);
+}
+
+UmaskContext::~UmaskContext()
+{
+  umask(mPreviousUmask);
+}
+
+#endif
+
+//-----------------------------------------------------------------------------
+
 typedef void (* ThreadFunc)(void *param);
 
 #ifdef XP_WIN
 #include <process.h>
 
 class Thread
 {
 public:
@@ -2666,16 +2694,21 @@ int LaunchCallbackAndPostProcessApps(int
 int NS_main(int argc, NS_tchar **argv)
 {
   // The callback is the remaining arguments starting at callbackIndex.
   // The argument specified by callbackIndex is the callback executable and the
   // argument prior to callbackIndex is the working directory.
   const int callbackIndex = 6;
 
 #ifdef XP_MACOSX
+  // We want to control file permissions explicitly, or else we could end up
+  // corrupting installs for other users on the system. Accordingly, set the
+  // umask to 0 for all file creations below and reset it on exit. See Bug 1337007
+  UmaskContext umaskContext(0);
+
   bool isElevated =
     strstr(argv[0], "/Library/PrivilegedHelperTools/org.mozilla.updater") != 0;
   if (isElevated) {
     if (!ObtainUpdaterArguments(&argc, &argv)) {
       // Won't actually get here because ObtainUpdaterArguments will terminate
       // the current process on failure.
       return 1;
     }