[Yum-devel] [PATCH 1/2] make sure history dbs are readable only by root - suggested by Josh Bressers

Seth Vidal skvidal at fedoraproject.org
Wed Dec 9 18:18:17 UTC 2009


---
 yum/history.py |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/yum/history.py b/yum/history.py
index 095c76b..5a1c5e0 100644
--- a/yum/history.py
+++ b/yum/history.py
@@ -620,6 +620,12 @@ class YumHistory:
         if self._db_file == _db_file:
             os.rename(_db_file, _db_file + '.old')
         self._db_file = _db_file
+        
+        if self.conf.writable and not os.path.exists(self._db_file):
+            # make them default to 0600 - sysadmin can change it later
+            # if they want
+            fo = os.open(self._db_file, os.O_CREAT, 0600)
+            os.close(fo)
                 
         cur = self._get_cursor()
         ops = ['''\
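Review bot: The 0600 mode on `os.open(self._db_file, os.O_CREAT, 0600)` only takes effect when this code creates the file, so history databases left by earlier runs, and the copy renamed to `.old` a few lines above, keep whatever mode they already had. That falls short of the subject line's "readable only by root"; either tighten existing files once during upgrade or state in the comment that only newly created databases are covered. The `os.path.exists()` check followed by `os.open()` is also not atomic, and without `os.O_EXCL` the open will follow a path that appeared in between. It looks safe only as long as the history directory is writable by root alone, which is not visible from this hunk. Consider `fo = os.open(self._db_file, os.O_CREAT | os.O_EXCL, 0600)` and treating EEXIST as "already present". The enclosing method starts before the hunk and continues past it.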
-- 
1.6.5.2


