From d23b55231433c13c0a0e7b62ee460bfdbe8b59cd Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 1 Feb 2014 04:32:52 +0000
Subject: Fix https://labs.riseup.net/code/issues/6627

This commit changes `chmod 777` to `chmod 220` in the secure_remove() function. Sinc ethis function is meant to remove files, 777 is ok-ish, but 220 is safer, and cleaner. Plus, it prevents audacious TOCTOU.
---
 MAT/mat.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MAT/mat.py b/MAT/mat.py
index 05bc8da..291cd42 100644
--- a/MAT/mat.py
+++ b/MAT/mat.py
@@ -114,7 +114,7 @@ def secure_remove(filename):
 '''
 # I want the file removed, even if it's ro
 try:
- os.chmod(filename, 0o777)
+ os.chmod(filename, 220)
 except OSError:
 logging.error('Unable to add write rights to %s' % filename)
 raise MAT.exceptions.UnableToWriteFile
-- 
cgit v1.3
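Review bot: The new mode on the `+` line, `220`, is a decimal literal, which is `0o334` (owner `-wx`, group `-wx`, others `r--`), not the `0o220` the commit message describes. As written, the file about to be removed becomes readable by every user and executable by owner and group, which is the opposite of the tightening intended; the line should read `os.chmod(filename, 0o220)`, or `0o200` if only the owning user needs to overwrite it. The TOCTOU claim in the message is also not established by this hunk: `os.chmod` still acts on a path and follows symlinks, so whether a race remains depends on the rest of `secure_remove`, whose body starts and ends outside the hunk.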