class Dir

Public Class Methods

assert_secure(path) click to toggle source

assert_secure checks that if a path exists it has minimally writable permissions. If not, it prints an error and exits. It only works on POSIX systems. Patches for other systems are welcome.

# File lib/inline.rb, line 897
def self.assert_secure(path)
  mode = File.stat(path).mode
  unless ((mode % 01000) & 0022) == 0 then
    if $TESTING then
      raise SecurityError, "Directory #{path} is insecure"
      abort "#{path} is insecure (#{'%o' % mode}). It may not be group or world writable. Exiting."
rescue Errno::ENOENT
  # If it ain't there, it's certainly secure