diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | eval.c | 3 | ||||
-rw-r--r-- | lib/cgi/session.rb | 2 | ||||
-rw-r--r-- | lib/cgi/session/pstore.rb | 3 |
4 files changed, 15 insertions, 1 deletions
@@ -2,6 +2,14 @@ Fri Jul 23 09:03:16 2004 Shugo Maeda <shugo@ruby-lang.org> * lib/net/imap.rb (disconnected?): new method. (backported from HEAD) +Thu Jul 22 16:41:54 2004 Yukihiro Matsumoto <matz@ruby-lang.org> + + * lib/cgi/session.rb (CGI::Session::FileStore#update): sets the + permission of the session data file to 0600. + + * lib/cgi/session/pstore.rb (CGI::Session::Pstore#initialize): + ditto. + Thu Jul 22 00:02:21 2004 Masahiro Kitajima <katonbo@katontech.com> * process.c (rb_f_system): not need to call last_status_set() any @@ -10913,10 +10913,13 @@ rb_thread_sleep(sec) void rb_thread_sleep_forever() { + int thr_critical = rb_thread_critical; if (curr_thread == curr_thread->next || curr_thread->status == THREAD_TO_KILL) { + rb_thread_critical = Qtrue; TRAP_BEG; pause(); + rb_thread_critical = thr_critical; TRAP_END; return; } diff --git a/lib/cgi/session.rb b/lib/cgi/session.rb index a44de7cb81..0bc10d013f 100644 --- a/lib/cgi/session.rb +++ b/lib/cgi/session.rb @@ -395,7 +395,7 @@ class CGI def update return unless @hash begin - f = File.open(@path, 'w') + f = File.open(@path, File::CREAT|File::TRUNC|File::RDWR, 0600) f.flock File::LOCK_EX for k,v in @hash f.printf "%s=%s\n", CGI::escape(k), CGI::escape(String(v)) diff --git a/lib/cgi/session/pstore.rb b/lib/cgi/session/pstore.rb index 8f4beb978a..f46dd57392 100644 --- a/lib/cgi/session/pstore.rb +++ b/lib/cgi/session/pstore.rb @@ -70,6 +70,9 @@ class CGI @hash = {} end @p = ::PStore.new(path) + @p.transaction do |p| + File.chmod(0600, p.path) + end end # Restore session state from the session's PStore file. |