Open a session file for writing with mode 0o600 (owner-only). Session files contain OAuth access/refresh tokens, AWS/Google/Azure cloud credentials, the Kerberos cache path, MFA OTP material, and `pass_enc_key` (the symmetric KEK used to decrypt the user's saved Postgres server pass
(path)
| 113 | |
| 114 | |
| 115 | def _open_session_file(path): |
| 116 | """Open a session file for writing with mode 0o600 (owner-only). |
| 117 | |
| 118 | Session files contain OAuth access/refresh tokens, AWS/Google/Azure |
| 119 | cloud credentials, the Kerberos cache path, MFA OTP material, |
| 120 | and `pass_enc_key` (the symmetric KEK used to decrypt the user's saved |
| 121 | Postgres server passwords). The default `open(path, 'wb')` uses the |
| 122 | process umask, which on most systems leaves files world-readable |
| 123 | (0o644). Force 0o600 so that even if the directory permissions are |
| 124 | misconfigured (e.g., a volume mount in a container with shared uids), |
| 125 | individual session files remain owner-only. |
| 126 | """ |
| 127 | fd = os.open( |
| 128 | path, |
| 129 | os.O_WRONLY | os.O_CREAT | os.O_TRUNC, |
| 130 | 0o600, |
| 131 | ) |
| 132 | return os.fdopen(fd, 'wb') |
| 133 | |
| 134 | |
| 135 | sess_lock = Lock() |
no test coverage detected