From 59f10b36040b16868e7f288ee6c7f8825993fcb5 Mon Sep 17 00:00:00 2001 From: William Perron Date: Fri, 27 Nov 2020 13:43:39 -0500 Subject: [PATCH] fix(cli/ops/net): add write permissions for unixpackets datagrams & unix socket (#8511) Fixes #7781 --- cli/ops/net.rs | 3 ++- cli/tests/unit/net_test.ts | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/cli/ops/net.rs b/cli/ops/net.rs index 2be65e1ec2..98ff83fc02 100644 --- a/cli/ops/net.rs +++ b/cli/ops/net.rs @@ -229,7 +229,7 @@ async fn op_datagram_send( let address_path = Path::new(&args.path); { let s = state.borrow(); - s.borrow::().check_read(&address_path)?; + s.borrow::().check_write(&address_path)?; } let mut state = state.borrow_mut(); let resource = state @@ -308,6 +308,7 @@ async fn op_connect( { let state_ = state.borrow(); state_.borrow::().check_read(&address_path)?; + state_.borrow::().check_write(&address_path)?; } let path = args.path; let unix_stream = net_unix::UnixStream::connect(Path::new(&path)).await?; diff --git a/cli/tests/unit/net_test.ts b/cli/tests/unit/net_test.ts index b1f4f87ca8..890a1bb62b 100644 --- a/cli/tests/unit/net_test.ts +++ b/cli/tests/unit/net_test.ts @@ -65,6 +65,44 @@ unitTest( }, ); +unitTest( + { ignore: Deno.build.os === "windows", perms: { read: true } }, + function netUnixListenWritePermission(): void { + try { + const filePath = Deno.makeTempFileSync(); + const socket = Deno.listen({ + path: filePath, + transport: "unix", + }); + assert(socket.addr.transport === "unix"); + assertEquals(socket.addr.path, filePath); + socket.close(); + } catch (e) { + assert(!!e); + assert(e instanceof Deno.errors.PermissionDenied); + } + }, +); + +unitTest( + { ignore: Deno.build.os === "windows", perms: { read: true } }, + function netUnixPacketListenWritePermission(): void { + try { + const filePath = Deno.makeTempFileSync(); + const socket = Deno.listenDatagram({ + path: filePath, + transport: "unixpacket", + }); + assert(socket.addr.transport === "unixpacket"); + assertEquals(socket.addr.path, filePath); + socket.close(); + } catch (e) { + assert(!!e); + assert(e instanceof Deno.errors.PermissionDenied); + } + }, +); + unitTest( { perms: { net: true },