ARTEMIS-5172: Reduce the permissions on temp file.

* Ensure that the temproray large message content can only be read by the user associated with the process. * Fixing initial ARTEMIS-5172 PR which wasn't removing rw permissions. Issue: https://issues.apache.org/jira/browse/ARTEMIS-5172 Signed-off-by: Emmanuel Hugonnet <ehugonne@redhat.com>
2024-12-13 16:42:47 +01:00 · 2024-12-13 16:42:47 +01:00 · 7eaea5a7a6
parent c7ec3c7c77
commit 7eaea5a7a6
1 changed files with 3 additions and 3 deletions
--- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/client/impl/ClientConsumerImpl.java
+++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/client/impl/ClientConsumerImpl.java
@ -651,9 +651,9 @@ public final class ClientConsumerImpl implements ClientConsumerInternal {

   private File createLargeMessageCache(long messageId) throws IOException {
      File largeMessageCache = File.createTempFile("tmp-large-message-" + messageId + "-", ".tmp");
-      largeMessageCache.setReadable(false);
-      largeMessageCache.setExecutable(false);
-      largeMessageCache.setWritable(false);
+      largeMessageCache.setReadable(false, false);
+      largeMessageCache.setExecutable(false, false);
+      largeMessageCache.setWritable(false, false);
      largeMessageCache.setReadable(true, true);
      largeMessageCache.setWritable(true, true);
      largeMessageCache.deleteOnExit();