On Thu, Jan 15, 2009 at 12:23:13AM +0000, Colin Watson wrote:
> On Wed, Jan 14, 2009 at 11:18:35AM -0800, Kees Cook wrote:
> > launchpad.credentials.save(open(credfile,"w",0600) )
> Isn't the third argument to Python's open() the buffer size, not the
> file mode? That's what the documentation says, anyway.
UUuurg, this is what I get for switching languages so much.
catching that. (Luckily my mkdir worked as expected, which makes the
latter goof less of an issue.)
> I think you need:
> launchpad = Launchpad.get_token_and_login(sys.argv, EDGE_SERVICE_ROOT, cachedir)
> credfd = open(credfile, "w")
> os.chmod(credfile, 0600)
> Python didn't have fchmod until 2.6 so this is a little awkward, but it
> does the job.
Now I have to redeem my embarrassment by suggesting this as a way to avoid
the create/chmod race when fchmod is unavailable:
credfd = tempfile.NamedTemporaryFile(dir=os.path.dirname(cr edfile))
The link will fail if the target exists, and the close will clean up the
original file. Wheee
Ubuntu Security Team
ubuntu-devel mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel