diff --git a/monkey/monkey_island/cc/environment/utils.py b/monkey/monkey_island/cc/environment/utils.py index 77d1216f4..866cf5d4f 100644 --- a/monkey/monkey_island/cc/environment/utils.py +++ b/monkey/monkey_island/cc/environment/utils.py @@ -16,22 +16,19 @@ if is_windows_os(): LOG = logging.getLogger(__name__) -def create_secure_directory(path: str, create_parent_dirs: bool): +def create_secure_directory(path: str): if not os.path.isdir(path): if is_windows_os(): _create_secure_directory_windows(path) else: - _create_secure_directory_linux(path, create_parent_dirs) + _create_secure_directory_linux(path) -def _create_secure_directory_linux(path: str, create_parent_dirs: bool): +def _create_secure_directory_linux(path: str): try: - if create_parent_dirs: - # Don't split directory creation and permission setting - # because it will temporarily create an accessible directory which anyone can use. - os.makedirs(path, mode=0o700) - else: - os.mkdir(path, mode=0o700) + # Don't split directory creation and permission setting + # because it will temporarily create an accessible directory which anyone can use. + os.mkdir(path, mode=0o700) except Exception as ex: LOG.error( f'Could not create a directory at "{path}" (maybe environmental variables could not be ' diff --git a/monkey/monkey_island/cc/setup/config_setup.py b/monkey/monkey_island/cc/setup/config_setup.py index d1e3e984b..103137a91 100644 --- a/monkey/monkey_island/cc/setup/config_setup.py +++ b/monkey/monkey_island/cc/setup/config_setup.py @@ -18,7 +18,7 @@ def setup_data_dir(island_args: IslandCmdArgs) -> Tuple[IslandConfigOptions, str def _setup_config_by_cmd_arg(server_config_path) -> Tuple[IslandConfigOptions, str]: server_config_path = file_utils.expand_path(server_config_path) config = server_config_handler.load_server_config_from_file(server_config_path) - create_secure_directory(config.data_dir, create_parent_dirs=True) + create_secure_directory(config.data_dir) return config, server_config_path @@ -26,7 +26,7 @@ def _setup_default_config() -> Tuple[IslandConfigOptions, str]: default_config = server_config_handler.load_server_config_from_file(DEFAULT_SERVER_CONFIG_PATH) default_data_dir = default_config.data_dir - create_secure_directory(default_data_dir, create_parent_dirs=False) + create_secure_directory(default_data_dir) server_config_path = server_config_handler.create_default_server_config_file(default_data_dir) config = server_config_handler.load_server_config_from_file(server_config_path) diff --git a/monkey/monkey_island/cc/setup/mongo/mongo_setup.py b/monkey/monkey_island/cc/setup/mongo/mongo_setup.py index e62bbcdb7..0ab8ca0c0 100644 --- a/monkey/monkey_island/cc/setup/mongo/mongo_setup.py +++ b/monkey/monkey_island/cc/setup/mongo/mongo_setup.py @@ -35,7 +35,7 @@ def _create_db_dir(db_dir_parent_path) -> str: db_dir = os.path.join(db_dir_parent_path, DB_DIR_NAME) logger.info(f"Database content directory: {db_dir}.") - create_secure_directory(db_dir, create_parent_dirs=False) + create_secure_directory(db_dir) return db_dir diff --git a/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py b/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py index e8287c3a6..47e4ac8f6 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py +++ b/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py @@ -20,38 +20,26 @@ def test_path(tmpdir): return path -def test_create_secure_directory__parent_dirs(test_path_nested): - create_secure_directory(test_path_nested, create_parent_dirs=True) - assert os.path.isdir(test_path_nested) - - def test_create_secure_directory__already_created(test_path): os.mkdir(test_path) assert os.path.isdir(test_path) - create_secure_directory(test_path, create_parent_dirs=False) + create_secure_directory(test_path) def test_create_secure_directory__no_parent_dir(test_path_nested): with pytest.raises(Exception): - create_secure_directory(test_path_nested, create_parent_dirs=False) - - -@pytest.mark.skipif(is_windows_os(), reason="Tests Posix (not Windows) permissions.") -def test_create_secure_directory__perm_linux(test_path_nested): - create_secure_directory(test_path_nested, create_parent_dirs=True) - st = os.stat(test_path_nested) - return bool(st.st_mode & stat.S_IRWXU) + create_secure_directory(test_path_nested) @pytest.mark.skipif(not is_windows_os(), reason="Tests Windows (not Posix) permissions.") def test_create_secure_directory__perm_windows(test_path): - import win32api # noqa: E402 - import win32security # noqa: E402 + import win32api + import win32security FULL_CONTROL = 2032127 ACE_TYPE_ALLOW = 0 - create_secure_directory(test_path, create_parent_dirs=False) + create_secure_directory(test_path) user_sid, _, _ = win32security.LookupAccountName("", win32api.GetUserName()) security_descriptor = win32security.GetNamedSecurityInfo(