[Libreoffice-commits] online.git: Branch 'distro/collabora/collabora-online-3' - common/Util.cpp common/Util.hpp kit/Kit.cpp

[Michael Meeks]

 common/Util.cpp |   24 ++++++++++++++++++++++++
 common/Util.hpp |    3 +++
 kit/Kit.cpp     |    4 ++++
 3 files changed, 31 insertions(+)

New commits:
commit 582b16170deda857247de44f14c1d70a3f4112d6
Author: Michael Meeks <michael.meeks at collabora.com>
Date:   Wed Mar 14 15:46:52 2018 +0000

    Use a hard random /tmp directory for document intermediates.
    
    Requires a lok tweak to reset the tmpdir globals on init.
    
    Change-Id: I602705f20fa016ef415088be8d1ada6d465d2a8d
    Reviewed-on: https://gerrit.libreoffice.org/51378
    Reviewed-by: Jan Holesovsky <kendy at collabora.com>
    Tested-by: Jan Holesovsky <kendy at collabora.com>

diff --git a/common/Util.cpp b/common/Util.cpp
index b9ca5951c..b0d87b7d3 100644
--- a/common/Util.cpp
+++ b/common/Util.cpp
@@ -116,6 +116,30 @@ namespace Util
         }
     }
 
+    static std::string getDefaultTmpDir()
+    {
+        const char *tmp = getenv("TMPDIR");
+        if (!tmp)
+            tmp = getenv("TEMP");
+        if (!tmp)
+            tmp = getenv("TMP");
+        if (!tmp)
+            tmp = "/tmp";
+        return tmp;
+    }
+
+    std::string createRandomTmpDir()
+    {
+        std::string defaultTmp = getDefaultTmpDir();
+        std::string newTmp =
+            defaultTmp + "/lool-" + rng::getFilename(16);
+        if (::mkdir(newTmp.c_str(), S_IRWXU) < 0) {
+            LOG_ERR("Failed to create random temp directory");
+            return defaultTmp;
+        }
+        return newTmp;
+    }
+
     // close what we have - far faster than going up to a 1m open_max eg.
     static bool closeFdsFromProc()
     {
diff --git a/common/Util.hpp b/common/Util.hpp
index b4c59f981..64aa8bf57 100644
--- a/common/Util.hpp
+++ b/common/Util.hpp
@@ -42,6 +42,9 @@ namespace Util
         std::string getFilename(const size_t length);
     }
 
+    /// Create randomized temporary directory
+    std::string createRandomTmpDir();
+
     /// Spawn a process if stdInput is non-NULL it contains a writable descriptor
     /// to send data to the child.
     int spawnProcess(const std::string &cmd, const std::vector<std::string> &args,
diff --git a/kit/Kit.cpp b/kit/Kit.cpp
index d1bbdbedf..b99d7e413 100644
--- a/kit/Kit.cpp
+++ b/kit/Kit.cpp
@@ -2075,6 +2075,10 @@ void lokit_main(const std::string& childRoot,
             instdir_path = "/" + loTemplate + "/program";
         }
 
+        // hard-random tmpdir inside the jail / root
+        std::string tmpSubdir = Util::createRandomTmpDir();
+        ::setenv("TMPDIR", tmpSubdir.c_str(), 1);
+
         {
             const char *instdir = instdir_path.c_str();
             const char *userdir = userdir_url.c_str();