#592 Check that auth tokens aren’t written to world-readable files
Merged 12 days ago by onosek. Opened 24 days ago by mavit.
mavit/fedpkg conf-permissions  into  master

file modified
+19
@@ -2499,3 +2499,22 @@ 

          except rpkgError as error:

              expected_error = "ERROR: Token is not properly formatted."

              self.assertEqual(error, expected_error)

+ 

+     @patch('getpass.getpass')

+     def test_token_readable_only_by_user(self, mock_getpass):

+ 

+         TOKEN = "".join(['X' for _ in range(64)])

+ 

+         cli_cmd = ['fedpkg', 'set-pagure-token']

+         cli = self.get_cli(cli_cmd)

+         mock_getpass.return_value = TOKEN

+ 

+         old_umask = os.umask(0)

+         cli.set_pagure_token()

+         os.umask(old_umask)

+ 

+         PATH = os.path.join(os.path.expanduser('~'),

+                             '.config',

+                             'rpkg',

+                             '{0}.conf'.format(cli.name))

+         self.assertEqual(os.stat(PATH).st_mode & 0o077, 0)
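Review bot: In test_token_readable_only_by_user the umask is restored only on the success path: if `cli.set_pagure_token()` raises, `os.umask(old_umask)` is skipped and the rest of the test run keeps umask 0, so files created by later tests get no permission masking. Register the restore as soon as the umask is changed, i.e. `old_umask = os.umask(0)` followed by `self.addCleanup(os.umask, old_umask)`. The assertion also stats the config under `os.path.expanduser('~')`; unless the class setup (outside this hunk) redirects HOME to a temporary directory, the test overwrites the developer's real token file. In that case a config that already exists with mode 0600 may also let the check pass without the code under test restricting anything. Pointing HOME at a fresh temporary directory for this test would make the permission check meaningful.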

rebased onto d3db726

18 days ago

Thanks for the change.

Pull-Request has been merged by onosek

12 days ago