Fix https://labs.riseup.net/code/issues/6627

This commit changes `chmod 777` to `chmod 220` in the secure_remove() function. Sinc ethis function is meant to remove files, 777 is ok-ish, but 220 is safer, and cleaner. Plus, it prevents audacious TOCTOU.
author: jvoisin 2014-02-01 04:32:52 +0000
committer: jvoisin 2014-02-01 04:32:52 +0000
commit: d23b55231433c13c0a0e7b62ee460bfdbe8b59cd (patch)
tree: 1ae332862d598c2bbe2bf1b72f9a309339c59e71 /MAT/mat.py
parent: a9b3e8a08223f8582a1c96051add2d06c5101838 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/MAT/mat.py b/MAT/mat.py
index 05bc8da..291cd42 100644
--- a/MAT/mat.py
+++ b/MAT/mat.py
@@ -114,7 +114,7 @@ def secure_remove(filename):
    '''
    # I want the file removed, even if it's ro
    try:
-        os.chmod(filename, 0o777)
+        os.chmod(filename, 220)
    except OSError:
        logging.error('Unable to add write rights to %s' % filename)
        raise MAT.exceptions.UnableToWriteFile
author	jvoisin	2014-02-01 04:32:52 +0000
committer	jvoisin	2014-02-01 04:32:52 +0000
commit	d23b55231433c13c0a0e7b62ee460bfdbe8b59cd (patch)
tree	1ae332862d598c2bbe2bf1b72f9a309339c59e71 /MAT/mat.py
parent	a9b3e8a08223f8582a1c96051add2d06c5101838 (diff)

diff --git a/MAT/mat.py b/MAT/mat.py index 05bc8da..291cd42 100644 --- a/MAT/mat.py +++ b/MAT/mat.py
@@ -114,7 +114,7 @@ def secure_remove(filename):
114	'''	114	'''
115	# I want the file removed, even if it's ro	115	# I want the file removed, even if it's ro
116	try:	116	try:
117	os.chmod(filename, 0o777)	117	os.chmod(filename, 220)
118	except OSError:	118	except OSError:
119	logging.error('Unable to add write rights to %s' % filename)	119	logging.error('Unable to add write rights to %s' % filename)
120	raise MAT.exceptions.UnableToWriteFile	120	raise MAT.exceptions.UnableToWriteFile