quetz-mod_python-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Graham Dumpleton (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (MODPYTHON-173) DbmSession creates world readable db file
Date Sat, 29 Jul 2006 10:18:14 GMT
     [ http://issues.apache.org/jira/browse/MODPYTHON-173?page=all ]

Graham Dumpleton resolved MODPYTHON-173.
----------------------------------------

    Fix Version/s: 3.3
       Resolution: Fixed

> DbmSession creates world readable db file
> -----------------------------------------
>
>                 Key: MODPYTHON-173
>                 URL: http://issues.apache.org/jira/browse/MODPYTHON-173
>             Project: mod_python
>          Issue Type: Bug
>          Components: session
>    Affects Versions: 3.2.8
>            Reporter: Jim Gallacher
>         Assigned To: Jim Gallacher
>             Fix For: 3.3, 3.2.x
>
>
> DbmSession uses the default mode when creating the db file. As a result the file is world
readable, which may be undesirable where sensitive informaiton is stored in the session. Currently
the users are required to chmod the file manually. This can be fixed by using the option mode
argument when the file is opened.
> Quoting from the python anydbm documentation:
> open(  	filename[, flag[, mode]]
> The optional mode argument is the Unix mode of the file, used only when the database
has to be created. It defaults to octal 0666 (and will be modified by the prevailing umask).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message