redxef/wp-cal-integration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add file permission check on config.

Browse source
This commit is contained in:
redxef 2022-10-13 01:16:37 +02:00
parent 027c4737cb
commit 8460f70216
Signed by: redxef
GPG key ID: 7DAC3AA211CBD921
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
main.py
View file

@ -39,6 +39,8 @@ class BaseConfig(dict):
if self.file == '-': if self.file == '-':
config = yaml.load(sys.stdin, Loader=Loader) config = yaml.load(sys.stdin, Loader=Loader)
else: else:
if os.stat(self.file).st_mode & 0o777 & ~0o600:
raise Exception('refusing to load insecure configuration file, file must have permission 0o600')
with open(self.file) as fp: with open(self.file) as fp:
config = yaml.load(fp, Loader=Loader) config = yaml.load(fp, Loader=Loader)
if config is None: if config is None: