quetz-mod_python-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jim Gallacher (JIRA)" <j...@apache.org>
Subject [jira] Created: (MODPYTHON-173) DbmSession creates world readable db file
Date Fri, 23 Jun 2006 00:02:29 GMT
DbmSession creates world readable db file
-----------------------------------------

         Key: MODPYTHON-173
         URL: http://issues.apache.org/jira/browse/MODPYTHON-173
     Project: mod_python
        Type: Bug

  Components: session  
    Versions: 3.2.8    
    Reporter: Jim Gallacher
 Assigned to: Jim Gallacher 
     Fix For: 3.2.x


DbmSession uses the default mode when creating the db file. As a result the file is world
readable, which may be undesirable where sensitive informaiton is stored in the session. Currently
the users are required to chmod the file manually. This can be fixed by using the option mode
argument when the file is opened.

Quoting from the python anydbm documentation:

open(  	filename[, flag[, mode]]

The optional mode argument is the Unix mode of the file, used only when the database has to
be created. It defaults to octal 0666 (and will be modified by the prevailing umask).


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message