* manage-credentials: Tighted security by making credentials files and

folder world unreadable.
2025-03-13 08:01:09 +00:00 · 2009-01-15 13:08:20 +00:00 · 2009-01-15 13:08:20 +00:00 · 743154a9c8
commit 743154a9c8
parent 2446993726
2 changed files with 15 additions and 8 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,6 +1,7 @@
-ubuntu-dev-tools (0.56) jaunty; urgency=low
+ubuntu-dev-tools (0.56) UNRELEASED; urgency=low

-  * Changes go here.
+  * manage-credentials: Tighted security by making credentials files and
+    folder world unreadable.

 -- Jonathan Davies <jpds@ubuntu.com>  Thu, 15 Jan 2009 12:35:12 +0000

--- a/18
+++ b/18
@ -101,15 +101,21 @@ def create_credentials(options):
        credentials = launchpad.credentials
    
    if options.output:
-        f = file(options.output, "w")
+        filepath = options.output
    else:
-        if not os.path.isdir(os.path.expanduser("~/.cache/lp_credentials")):
-            mkdir(os.path.expanduser("~/.cache/lp_credentials/"))
-        filepath = os.path.expanduser("~/.cache/lp_credentials/%s-%s.txt" % \
-            (options.consumer, str(options.level).lower()))
-        f = file(filepath, "w")
+        credentialsDir = os.path.expanduser("~/.cache/lp_credentials")
+        if not os.path.isdir(credentialsDir):
+            mkdir(credentialsDir)
+        os.chmod(credentialsDir, 0700)
+        filepath = os.path.expanduser("%s/%s-%s.txt" % \
+            (credentialsDir, options.consumer, str(options.level).lower()))

+    f = open(filepath, "w")
+    # Make credentials file non-world readable.
+    os.chmod(filepath, 0600)
    credentials.save(f)
+    f.close()
+
    print "Credentials sucessfully written to %s." % filepath

    return