Re: [ovs-dev] [ovs-bugtool 3/4] ovs-bugtool: Turn off "group" and "other" permissions for generated files.

Ethan Jackson Mon, 11 Jul 2011 18:32:14 -0700

Looks Good.

Ethan


On Thu, Jun 30, 2011 at 14:57, Ben Pfaff <b...@nicira.com> wrote:
> ovs-bugtool's output is potentially sensitive, so it seems best not to
> allow anyone but the owner to read it.  This commit disables "group" and
> "other" bits in the Unix ACL.
> ---
>  utilities/ovs-bugtool |    5 +++++
>  1 files changed, 5 insertions(+), 0 deletions(-)
>
> diff --git a/utilities/ovs-bugtool b/utilities/ovs-bugtool
> index 4f0038e..f5fdb00 100755
> --- a/utilities/ovs-bugtool
> +++ b/utilities/ovs-bugtool
> @@ -898,7 +898,9 @@ def make_tar(subdir, suffix, output_fd, output_file):
>             filename = "%s/%s.%s" % (BUG_DIR, subdir, suffix)
>         else:
>             filename = output_file
> +        old_umask = os.umask(0077)
>         tf = tarfile.open(filename, mode)
> +        os.umask(old_umask)
>     else:
>         tf = tarfile.open(None, 'w', os.fdopen(output_fd, 'a'))
>
> @@ -939,7 +941,10 @@ def make_zip(subdir, output_file):
>         filename = "%s/%s.zip" % (BUG_DIR, subdir)
>     else:
>         filename = output_file
> +
> +    old_umask = os.umask(0077)
>     zf = zipfile.ZipFile(filename, 'w', zipfile.ZIP_DEFLATED)
> +    os.umask(old_umask)
>
>     try:
>         for (k, v) in data.items():
> --
> 1.7.4.4
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [ovs-bugtool 3/4] ovs-bugtool: Turn off "group" and "other" permissions for generated files.

Reply via email to