1
0
mirror of https://github.com/etesync/server synced 2024-11-22 08:48:07 +00:00

fix: don't create secrets file as world-readable (#136)

This commit is contained in:
Xiretza 2022-05-09 16:17:56 +02:00 committed by GitHub
parent b620d0a39c
commit 70b753cd31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -13,6 +13,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
from django.core.management import utils from django.core.management import utils
import os
import stat
def get_secret_from_file(path): def get_secret_from_file(path):
@ -21,6 +23,7 @@ def get_secret_from_file(path):
return f.read().strip() return f.read().strip()
except EnvironmentError: except EnvironmentError:
with open(path, "w") as f: with open(path, "w") as f:
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
secret_key = utils.get_random_secret_key() secret_key = utils.get_random_secret_key()
f.write(secret_key) f.write(secret_key)
return secret_key return secret_key