Google APIs Client Library for C++
file_utils.h
Go to the documentation of this file.
00001 /*
00002  * \copyright Copyright 2013 Google Inc. All Rights Reserved.
00003  * \license @{
00004  *
00005  * Licensed under the Apache License, Version 2.0 (the "License");
00006  * you may not use this file except in compliance with the License.
00007  * You may obtain a copy of the License at
00008  *
00009  *     http://www.apache.org/licenses/LICENSE-2.0
00010  *
00011  * Unless required by applicable law or agreed to in writing, software
00012  * distributed under the License is distributed on an "AS IS" BASIS,
00013  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00014  * See the License for the specific language governing permissions and
00015  * limitations under the License.
00016  *
00017  * @}
00018  */
00019 
00020 // Author: ewiseblatt@google.com (Eric Wiseblatt)
00021 
00022 /*
00023  * @defgroup PlatformLayerFiles Platform Layer - File Support
00024  *
00025  * This module within the Platform Layer contains classes and free functions
00026  * that operate on files. They are specific to the needs of the
00027  * Google Client for C++ library so defined here rather in base/file for
00028  * internal management reasons.
00029  */
00030 #ifndef APISERVING_CLIENTS_CPP_UTIL_FILE_UTILS_H_
00031 #define APISERVING_CLIENTS_CPP_UTIL_FILE_UTILS_H_
00032 
00033 #include <sys/stat.h>
00034 #include <string>
00035 using std::string;
00036 #include "googleapis/strings/stringpiece.h"
00037 #include "googleapis/util/status.h"
00038 namespace googleapis {
00039 
00040 namespace client {
00041 
00042 /*
00043  * Helper functions for managing sensitive files.
00044  * @ingroup PlatformLayerFiles
00045  *
00046  * WARNING(ewiseblatt): 20130304
00047  * These files are not reliably secure. We are managing OS level
00048  * permissions and relying on the OS to protect the contents. We
00049  * make some attempt to securely delete the contents of files but
00050  * not necessarily robust. For truely sensitive data, consider
00051  * encrypting the files instead.
00052  */
00053 class SensitiveFileUtils {
00054  public:
00055   /*
00056    * Checks that the provided path is secure file.
00057    *
00058    * Secure paths can only be user read-writable and not a symbolic link.
00059    *
00060    * @param[in] path The path to check should be an existing file.
00061    * @param[in] writable_allowed true if path may be writable.
00062    *            false if it must be read-only.
00063    * @return ok status if it is secure,
00064    *         otherwise an error explaining the concern.
00065    */
00066   static util::Status
00067   VerifyIsSecureFile(const string& path, bool writable_allowed);
00068 
00069   /*
00070    * Checks that the provided path is a secure directory.
00071    *
00072    * @param[in] path The path to check should be an existing directoy.
00073    * @return ok status if it is secure,
00074    *         otherwise an error explaining the concern.
00075    */
00076   static util::Status VerifyIsSecureDirectory(const string& path);
00077 
00078   /*
00079    * Creates a secure directory at the specified path if it does not
00080    * already exist.
00081    *
00082    * Any directories that are created will be created wth secure permissions
00083    * (user rwx only).
00084    *
00085    * @param[in] path The desired directory path.
00086    * @return ok if the path exists as a secure directory when done.
00087    *         Otherwise an error indicating why it could not be created.
00088    */
00089   static util::Status
00090   CreateSecureDirectoryRecursively(const string& path);
00091 
00092   /*
00093    * Writes the given data to a secure file at the specified path.
00094    *
00095    * @param[in] data The data to write is considered a binary string so
00096    *                 will not be implicitly null terminated.
00097    * @param[in] path The path to write to.
00098    * @param[in] overwrite If true then overwrite any existing file at the
00099    *            path. Otherwise fail if a file already exists.
00100    * @return ok or reason for failure to write the file.
00101    */
00102   static util::Status
00103   WriteSensitiveStringToFile(
00104       const StringPiece& data, const string& path, bool overwrite);
00105 
00106   /*
00107    * Deletes the file, but does not prevent the data from being unrecoverable.
00108    *
00109    * This function will make some attempts to prevent the data from being
00110    * reovered, it is still not secure. There are many ways in which the OS
00111    * itself may have leaked some data on disk.
00112    *
00113    * @param[in] path The to the file to delete
00114    * @return ok if the file could be deleted,
00115    *         otherwise an error explaining the failure.
00116    */
00117   static util::Status DeleteSensitiveFile(const string& path);
00118 };
00119 
00120 }  // namespace client
00121 
00122 } // namespace googleapis
00123 #endif  // APISERVING_CLIENTS_CPP_UTIL_FILE_UTILS_H_
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Defines