nimbus-eth2/beacon_chain/filepath.nim

import chronicles
import stew/io2
export io2

when defined(windows):
  import stew/[windows/acl]

proc secureCreatePath*(path: string): IoResult[void] =
  when defined(windows):
    let sres = createFoldersUserOnlySecurityDescriptor()
    if sres.isErr():
      error "Could not allocate security descriptor", path = path,
            errorMsg = ioErrorMsg(sres.error), errorCode = $sres.error
      err(sres.error)
    else:
      var sd = sres.get()
      createPath(path, 0o750, secDescriptor = sd.getDescriptor())
  else:
    createPath(path, 0o750)

proc secureWriteFile*[T: byte|char](path: string,
                                    data: openArray[T]): IoResult[void] =
  when defined(windows):
    let sres = createFilesUserOnlySecurityDescriptor()
    if sres.isErr():
      error "Could not allocate security descriptor", path = path,
            errorMsg = ioErrorMsg(sres.error), errorCode = $sres.error
      err(sres.error)
    else:
      var sd = sres.get()
      writeFile(path, data, 0o600, secDescriptor = sd.getDescriptor())
  else:
    writeFile(path, data, 0o600)
Regression fix of eth2_network_simulation on Windows. (#1900) * Concentrate all sensitive writeFile/createPath calls in one place. Fix eth2_network_simulation for Windows. * Remove artifacts. * fix import Co-authored-by: Jacek Sieka <jacek@status.im> 2020-10-27 11:04:17 +00:00			`import chronicles`
			`import stew/io2`
			`export io2`

			`when defined(windows):`
			`import stew/[windows/acl]`

			`proc secureCreatePath*(path: string): IoResult[void] =`
			`when defined(windows):`
			`let sres = createFoldersUserOnlySecurityDescriptor()`
			`if sres.isErr():`
			`error "Could not allocate security descriptor", path = path,`
			`errorMsg = ioErrorMsg(sres.error), errorCode = $sres.error`
			`err(sres.error)`
			`else:`
			`var sd = sres.get()`
			`createPath(path, 0o750, secDescriptor = sd.getDescriptor())`
			`else:`
			`createPath(path, 0o750)`

			`proc secureWriteFile*[T: byte\|char](path: string,`
			`data: openArray[T]): IoResult[void] =`
			`when defined(windows):`
			`let sres = createFilesUserOnlySecurityDescriptor()`
			`if sres.isErr():`
			`error "Could not allocate security descriptor", path = path,`
			`errorMsg = ioErrorMsg(sres.error), errorCode = $sres.error`
			`err(sres.error)`
			`else:`
			`var sd = sres.get()`
			`writeFile(path, data, 0o600, secDescriptor = sd.getDescriptor())`
			`else:`
			`writeFile(path, data, 0o600)`