(filename, hasEnabledKeys)
| 199 | |
| 200 | # Fixes permissions on a sensitive file. |
| 201 | def fixSensitiveFilePermissions(filename, hasEnabledKeys): |
| 202 | if hasEnabledKeys: |
| 203 | logger.warning('Keyfile had insecure permissions, and there were enabled keys. ' |
| 204 | 'The truly paranoid should stop using them immediately.') |
| 205 | else: |
| 206 | logger.warning('Keyfile had insecure permissions, but there were no enabled keys.') |
| 207 | try: |
| 208 | present_permissions = os.stat(filename)[0] |
| 209 | disallowed_permissions = stat.S_IRWXG | stat.S_IRWXO |
| 210 | allowed_permissions = ((1<<32)-1) ^ disallowed_permissions |
| 211 | new_permissions = ( |
| 212 | allowed_permissions & present_permissions) |
| 213 | os.chmod(filename, new_permissions) |
| 214 | |
| 215 | logger.info('Keyfile permissions automatically fixed.') |
| 216 | |
| 217 | except Exception, e: |
| 218 | logger.exception('Keyfile permissions could not be fixed.') |
| 219 | raise |
| 220 | |
| 221 | def isBitSetWithinBitfield(fourByteString, n): |
| 222 | # Uses MSB 0 bit numbering across 4 bytes of data |
no outgoing calls
no test coverage detected