Add file permission check on config.
This commit is contained in:
parent
027c4737cb
commit
8460f70216
1 changed files with 2 additions and 0 deletions
2
main.py
2
main.py
|
@ -39,6 +39,8 @@ class BaseConfig(dict):
|
|||
if self.file == '-':
|
||||
config = yaml.load(sys.stdin, Loader=Loader)
|
||||
else:
|
||||
if os.stat(self.file).st_mode & 0o777 & ~0o600:
|
||||
raise Exception('refusing to load insecure configuration file, file must have permission 0o600')
|
||||
with open(self.file) as fp:
|
||||
config = yaml.load(fp, Loader=Loader)
|
||||
if config is None:
|
||||
|
|
Loading…
Reference in a new issue