[ovs-dev] [ovs-bugtool 3/4] ovs-bugtool: Turn off "group" and "other" permissions for generated files.

Ben Pfaff blp at nicira.com
Tue Jul 12 16:38:34 UTC 2011


Might as well make the two cases consistent, so I dropped the extra
new line.

Thanks,

Ben.

On Mon, Jul 11, 2011 at 08:04:56PM -0700, Reid Price wrote:
> LGTM too, not sure if you added the new empty line on purpose
> 
> On Mon, Jul 11, 2011 at 6:31 PM, Ethan Jackson <ethan at nicira.com> wrote:
> 
> > Looks Good.
> >
> > Ethan
> >
> > On Thu, Jun 30, 2011 at 14:57, Ben Pfaff <blp at nicira.com> wrote:
> > > ovs-bugtool's output is potentially sensitive, so it seems best not to
> > > allow anyone but the owner to read it.  This commit disables "group" and
> > > "other" bits in the Unix ACL.
> > > ---
> > >  utilities/ovs-bugtool |    5 +++++
> > >  1 files changed, 5 insertions(+), 0 deletions(-)
> > >
> > > diff --git a/utilities/ovs-bugtool b/utilities/ovs-bugtool
> > > index 4f0038e..f5fdb00 100755
> > > --- a/utilities/ovs-bugtool
> > > +++ b/utilities/ovs-bugtool
> > > @@ -898,7 +898,9 @@ def make_tar(subdir, suffix, output_fd, output_file):
> > >             filename = "%s/%s.%s" % (BUG_DIR, subdir, suffix)
> > >         else:
> > >             filename = output_file
> > > +        old_umask = os.umask(0077)
> > >         tf = tarfile.open(filename, mode)
> > > +        os.umask(old_umask)
> > >     else:
> > >         tf = tarfile.open(None, 'w', os.fdopen(output_fd, 'a'))
> > >
> > > @@ -939,7 +941,10 @@ def make_zip(subdir, output_file):
> > >         filename = "%s/%s.zip" % (BUG_DIR, subdir)
> > >     else:
> > >         filename = output_file
> > > +
> > > +    old_umask = os.umask(0077)
> > >     zf = zipfile.ZipFile(filename, 'w', zipfile.ZIP_DEFLATED)
> > > +    os.umask(old_umask)
> > >
> > >     try:
> > >         for (k, v) in data.items():
> > > --
> > > 1.7.4.4
> > >
> > > _______________________________________________
> > > dev mailing list
> > > dev at openvswitch.org
> > > http://openvswitch.org/mailman/listinfo/dev
> > >
> > _______________________________________________
> > dev mailing list
> > dev at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/dev
> >



More information about the dev mailing list