security: ensure that on creation, the DB file only gives read-write permissions to the owner (#20)

Rolv-Apneseth · web-flow · commit 919b0fb4d1cf · 2025-10-07T23:22:31.000+01:00
* chore: bump version

* security: owner only permissions on created database file
diff --git a/.cargo/config.toml b/.cargo/config.toml
@@ -0,0 +1,2 @@
+[env]
+LIBSQLITE3_FLAGS = "-DSQLITE_DEFAULT_FILE_PERMISSIONS=0600"
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "clipvault"
 description = "Clipboard history manager for Wayland, inspired by cliphist"
-version = "1.0.3"
+version = "1.0.4"
 edition = "2024"
 repository = "https://github.com/rolv-apneseth/clipvault"
 homepage = "https://github.com/rolv-apneseth/clipvault"
diff --git a/src/commands/clear.rs b/src/commands/clear.rs
@@ -1,12 +1,12 @@
-use std::path::PathBuf;
+use std::path::Path;
 
 use miette::Result;
 
 use crate::database::{init_db, queries::delete_all_entries};
 
 #[tracing::instrument(skip(path_db))]
-pub fn execute(path_db: PathBuf) -> Result<()> {
-    let conn = &init_db(&path_db)?;
+pub fn execute(path_db: &Path) -> Result<()> {
+    let conn = &init_db(path_db)?;
     delete_all_entries(conn)?;
     Ok(())
 }
diff --git a/src/commands/delete.rs b/src/commands/delete.rs
@@ -1,6 +1,6 @@
 use std::{
     io::{Read, stdin},
-    path::PathBuf,
+    path::Path,
 };
 
 use miette::{Context, IntoDiagnostic, Result, miette};
@@ -15,7 +15,7 @@ use crate::{
 };
 
 #[tracing::instrument(skip(path_db))]
-pub fn execute(path_db: PathBuf, args: GetDelArgs) -> Result<()> {
+pub fn execute(path_db: &Path, args: GetDelArgs) -> Result<()> {
     let GetDelArgs { input, index } = args;
 
     assert!(
@@ -31,7 +31,7 @@ pub fn execute(path_db: PathBuf, args: GetDelArgs) -> Result<()> {
     }
 }
 
-fn delete_entry(path_db: PathBuf, mut input: String) -> Result<()> {
+fn delete_entry(path_db: &Path, mut input: String) -> Result<()> {
     // Read from STDIN if no argument given
     if input.is_empty() {
         stdin()
@@ -42,12 +42,12 @@ fn delete_entry(path_db: PathBuf, mut input: String) -> Result<()> {
     }
 
     let id = extract_id(input)?;
-    let conn = &init_db(&path_db)?;
+    let conn = &init_db(path_db)?;
     delete_entry_by_id(conn, id)
 }
 
-fn delete_entry_rel(path_db: PathBuf, i: isize) -> Result<()> {
-    let conn = &init_db(&path_db)?;
+fn delete_entry_rel(path_db: &Path, i: isize) -> Result<()> {
+    let conn = &init_db(path_db)?;
 
     let len = count_entries(conn)?;
     if len == 0 {
diff --git a/src/commands/get.rs b/src/commands/get.rs
@@ -1,6 +1,6 @@
 use std::{
     io::{Read, Write, stdin, stdout},
-    path::PathBuf,
+    path::Path,
 };
 
 use miette::{Context, IntoDiagnostic, Result, miette};
@@ -18,7 +18,7 @@ use crate::{
 };
 
 #[tracing::instrument(skip(path_db))]
-pub fn execute(path_db: PathBuf, args: GetDelArgs) -> Result<()> {
+pub fn execute(path_db: &Path, args: GetDelArgs) -> Result<()> {
     let GetDelArgs { input, index } = args;
 
     assert!(
@@ -47,7 +47,7 @@ pub fn execute(path_db: PathBuf, args: GetDelArgs) -> Result<()> {
     Ok(())
 }
 
-fn get_entry(path_db: PathBuf, mut input: String) -> Result<ClipboardEntry> {
+fn get_entry(path_db: &Path, mut input: String) -> Result<ClipboardEntry> {
     // Read from STDIN if no argument given
     if input.is_empty() {
         stdin()
@@ -58,12 +58,12 @@ fn get_entry(path_db: PathBuf, mut input: String) -> Result<ClipboardEntry> {
     }
 
     let id = extract_id(input)?;
-    let conn = init_db(&path_db)?;
+    let conn = init_db(path_db)?;
     get_entry_by_id(&conn, id)
 }
 
-fn get_entry_rel(path_db: PathBuf, i: isize) -> Result<ClipboardEntry> {
-    let conn = &init_db(&path_db)?;
+fn get_entry_rel(path_db: &Path, i: isize) -> Result<ClipboardEntry> {
+    let conn = &init_db(path_db)?;
 
     let len = count_entries(conn)?;
     if len == 0 {
diff --git a/src/commands/list.rs b/src/commands/list.rs
@@ -1,6 +1,6 @@
 use std::{
     io::{Cursor, Write, stdout},
-    path::PathBuf,
+    path::Path,
 };
 
 use content_inspector::ContentType;
@@ -73,7 +73,7 @@ fn preview(id: u64, data: &[u8], width: usize) -> String {
 }
 
 #[tracing::instrument(skip(path_db))]
-pub fn execute(path_db: PathBuf, args: ListArgs) -> Result<()> {
+pub fn execute(path_db: &Path, args: ListArgs) -> Result<()> {
     let ListArgs {
         max_preview_width,
         reverse,
@@ -88,7 +88,7 @@ pub fn execute(path_db: PathBuf, args: ListArgs) -> Result<()> {
 
     // Database only needed to get the entries - avoid locking
     let entries = {
-        let conn = init_db(&path_db)?;
+        let conn = init_db(path_db)?;
         let mut entries = get_all_entries(&conn, preview_width)?;
         if reverse {
             entries.reverse();
diff --git a/src/commands/store.rs b/src/commands/store.rs
@@ -1,6 +1,6 @@
 use std::{
     io::{Read, stdin},
-    path::PathBuf,
+    path::Path,
 };
 
 use miette::{Context, IntoDiagnostic, Result, miette};
@@ -16,7 +16,7 @@ use crate::{
 };
 
 #[instrument]
-pub fn execute(path_db: PathBuf, args: StoreArgs) -> Result<()> {
+pub fn execute(path_db: &Path, args: StoreArgs) -> Result<()> {
     let StoreArgs {
         max_entries,
         max_entry_age: max_age,
@@ -47,7 +47,7 @@ pub fn execute(path_db: PathBuf, args: StoreArgs) -> Result<()> {
             // As of writing, "clear" is not yet used by `wl-clipboard`.
             "clear" => {
                 tracing::debug!("explicitly cleared clipboard");
-                return delete_all_entries(&init_db(&path_db)?);
+                return delete_all_entries(&init_db(path_db)?);
             }
             // Clipboard is empty - nothing to store
             "nil" => return Ok(()),
@@ -85,7 +85,7 @@ pub fn execute(path_db: PathBuf, args: StoreArgs) -> Result<()> {
     }
 
     // Only get DB connection after parsing STDIN - avoid locking
-    let conn = &init_db(&path_db)?;
+    let conn = &init_db(path_db)?;
 
     // Delete old entries
     let max_age = max_age.as_secs();
diff --git a/src/main.rs b/src/main.rs
@@ -24,11 +24,11 @@ fn main() -> Result<()> {
     let path_db = args.database;
 
     match args.command {
-        Commands::List(args) => commands::list::execute(path_db, args),
-        Commands::Store(args) => commands::store::execute(path_db, args),
-        Commands::Get(args) => commands::get::execute(path_db, args),
-        Commands::Delete(args) => commands::delete::execute(path_db, args),
-        Commands::Clear => commands::clear::execute(path_db),
+        Commands::List(args) => commands::list::execute(&path_db, args),
+        Commands::Store(args) => commands::store::execute(&path_db, args),
+        Commands::Get(args) => commands::get::execute(&path_db, args),
+        Commands::Delete(args) => commands::delete::execute(&path_db, args),
+        Commands::Clear => commands::clear::execute(&path_db),
     }
     .inspect_err(trace_err)
 }

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+[env]`
	`2`	`+LIBSQLITE3_FLAGS = "-DSQLITE_DEFAULT_FILE_PERMISSIONS=0600"`