47 lines
1.1 KiB
Plaintext
47 lines
1.1 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
For https://docs.python.org/3/library/os.html#os.umask[os.umask]:
|
|
|
|
----
|
|
os.umask(0) # Sensitive
|
|
----
|
|
|
|
For https://docs.python.org/3/library/os.html#os.chmod[os.chmod], https://docs.python.org/3/library/os.html#os.lchmod[os.lchmod], and https://docs.python.org/3/library/os.html#os.fchmod[os.fchmod]:
|
|
|
|
----
|
|
os.chmod("/tmp/fs", stat.S_IRWXO) # Sensitive
|
|
os.lchmod("/tmp/fs", stat.S_IRWXO) # Sensitive
|
|
os.fchmod(fd, stat.S_IRWXO) # Sensitive
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
For https://docs.python.org/3/library/os.html#os.umask[os.umask]:
|
|
|
|
----
|
|
os.umask(0o777)
|
|
----
|
|
|
|
For https://docs.python.org/3/library/os.html#os.chmod[os.chmod], https://docs.python.org/3/library/os.html#os.lchmod[os.lchmod], and https://docs.python.org/3/library/os.html#os.fchmod[os.fchmod]:
|
|
|
|
----
|
|
os.chmod("/tmp/fs", stat.S_IRWXU)
|
|
os.lchmod("/tmp/fs", stat.S_IRWXU)
|
|
os.fchmod(fd, stat.S_IRWXU)
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::rspecator-view[]
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::rspecator-view[]
|