[Yum-devel] [PATCH 1/2] make sure history dbs are readable only by root - suggested by Josh Bressers
James Antill
james at fedoraproject.org
Wed Dec 9 21:15:18 UTC 2009
On Wed, 2009-12-09 at 13:18 -0500, Seth Vidal wrote:
> ---
> yum/history.py | 6 ++++++
> 1 files changed, 6 insertions(+), 0 deletions(-)
>
> diff --git a/yum/history.py b/yum/history.py
> index 095c76b..5a1c5e0 100644
> --- a/yum/history.py
> +++ b/yum/history.py
> @@ -620,6 +620,12 @@ class YumHistory:
> if self._db_file == _db_file:
> os.rename(_db_file, _db_file + '.old')
> self._db_file = _db_file
> +
> + if self.conf.writable and not os.path.exists(self._db_file):
> + # make them default to 0600 - sysadmin can change it later
> + # if they want
> + fo = os.open(self._db_file, os.O_CREAT, 0600)
> + os.close(fo)
ACK, it's ugly as smeg but I can't think of a better way.
More information about the Yum-devel
mailing list