IPC-LockTicket

 view release on metacpan or  search on metacpan

lib/IPC/LockTicket.pm  view on Meta::CPAN


	if ( $objSelf->{_uriPath}
	&& -s $objSelf->{_uriPath}
	&& open(my $fh, '<', $objSelf->{_uriPath}) ) {
		flock($fh, 2);

		# Test if file is readable
		try {
			retrieve($objSelf->{_uriPath})
			}
		catch ($strError) {
			$strErrors	.= qq{"$objSelf->{_uriPath}": Mailformed shared memory file.\n$strError\n};
			}

		close($fh) or $strErrors .= qq{$strCaller(): Unable to close "$objSelf->{_uriPath}" properly\n};
		}
	# User failure
	elsif ( ! $objSelf->{_uriPath} ) {
		$strErrors		.= qq{$strCaller(): Missing argument!\n};
		}
	# If open() failes
	elsif ( -s $objSelf->{_uriPath} ) {
		$strErrors		.= qq{$strCaller(): Unable to open "$objSelf->{_uriPath}"!\n};
		}

	# Some more fine tuning
	if ( $objSelf->{_uriPath}
	&& -d $objSelf->{_uriPath} ) {
		$strErrors	.= qq{"$objSelf->{_uriPath}": A folder can't be a share memory file!\n};
		}
	if ( $objSelf->{_uriPath} !~ m{$rxpFullPath} ) {
		$strErrors	.= qq{"$objSelf->{_uriPath}": is an inadequate path or name!\n};
		}

	# Protect file if not set other wise
	if ( defined($objSelf->{_octPermission})
	&& length(qq{$objSelf->{_octPermission}}) > 4 ) {
		$strErrors	.= sprintf(qq{"%04o": Invalid permission. Must be a octal number of four or NULL.\n}, $objSelf->{_octPermission});
		}
	elsif ( ! defined($objSelf->{_octPermission}) ) {
		$objSelf->{_octPermission}	= 0600;
		}

	# Check permissions
	if ( -e $objSelf->{_uriPath}
	&& ! -r $objSelf->{_uriPath} ) {
		$strErrors	.= qq{"$objSelf->{_uriPath}": No read permission.\n};
		}
	if ( -e $objSelf->{_uriPath}
	&& ! -w $objSelf->{_uriPath} ) {
		$strErrors	.= qq{"$objSelf->{_uriPath}": No write permission.\n};
		}

	# What if permissions differ??
	if ( -e $objSelf->{_uriPath} ) {
		my %mxdFileStat		= ();
		my @strParts		= qw(o g u ts);
		my %intFilePerms	= ();	# user:users 0600
		my @intFileGrpsMbrs	= ();
		my %intObjPerms		= ();	# root:root 0600
		my $strEUName		= (getpwuid($EUID))[0];
		my @intObjGrps		= ( (getpwuid($EUID))[3] );
		my $cntPosition		= 0;
		@mxdFileStat{qw(dev ino mode nlink uid gid rdev size atime mtime ctime blksize blocks)} =
			stat($objSelf->{_uriPath});
		%intFilePerms		=
			map { $strParts[$cntPosition++] => $_ } #( $_ % 2 ) ? $_ - 1 : $_ }		# Execution bit is not required
			reverse(split('', sprintf(q{%04o}, $mxdFileStat{mode} & 07777)));
		$cntPosition		= 0;
		%intObjPerms		=
			map { $strParts[$cntPosition++] => $_ } #( $_ % 2 ) ? $_ - 1 : $_ }		# Execution bit is not required
			reverse(split('', sprintf(q{%04o}, $objSelf->{_octPermission})));
		@intFileGrpsMbrs	=		# Group's members
			map { (getpwnam($_))[2] }	# UID
			grep { defined && $_ ne '' }
			split(m{$rxpWhitespaces}, (getgrgid($mxdFileStat{gid}))[3]);
		push(@intFileGrpsMbrs, 0);	# Root is part of any group

		# If file owner's group is same as the file's group we need to add the user's name to the File Group Members list, in case it's the user's main group, which won't be shown by getent groups
		while ( my(undef, undef, $intUID, $intGID) = getpwent() ) {

			# Users' default groups
			if ( $intGID == $mxdFileStat{gid} ) {	
				push(@intFileGrpsMbrs, $intUID);
				}
			}

		while ( my(undef, undef, $intGID, $strMembers) = getgrent() ) {

			# We need to know all real groups
			if ( grep { $strEUName eq $_ } split(m{$rxpWhitespaces}, $strMembers) ) {
				push(@intObjGrps, $intGID);
				}
			}

		if ( $intFilePerms{o} > $intObjPerms{o}	# General rights are to high
		|| $intFilePerms{g} > $intObjPerms{g}		# General rights are to high

		# File is not owned by user's real groups
		||( !( grep { $mxdFileStat{gid} == $_ } @intObjGrps )
		&& $intFilePerms{g} > $intObjPerms{o} )	# Foreign group has more rights as wanted for other users


		# File is not owned effective user
		||($mxdFileStat{uid} != $EUID
		&& (

		## File owner is part of file owning group -> access can happen through group
		#(grep { $mxdFileStat{uid} == $_ } @intFileGrpsMbrs	
		#&& $intFilePerms{g} > $intObjPerms{o} )
		#
		## File owner is not part of file owning group -> access happens only through owner
		#||( !( grep { $mxdFileStat{uid} == $_ } @intFileGrpsMbrs )
		( !( grep { $mxdFileStat{uid} == $_ } @intFileGrpsMbrs )
		&& $intFilePerms{u} > $intObjPerms{o} )

		) ) ) {
			$strErrors	.= qq{Existing file "$objSelf->{_uriPath}" has douptful permissions.\n};

			}
		}



( run in 3.269 seconds using v1.01-cache-2.11-cpan-6aa56a78535 )