forked from p15670423/monkey
Fixed a race condition for linux secure directory creation, by setting dir permissions on creation.
This commit is contained in:
VakarisZ
parent
2fc726dc78
commit
36e0309409
|
|
@ -1,7 +0,0 @@
|
|||
import os
|
||||
import stat
|
||||
|
||||
|
||||
def set_perms_to_owner_only(path: str):
|
||||
# Read, write, and execute by owner
|
||||
os.chmod(path, stat.S_IRWXU)
|
||||
|
|
@ -9,24 +9,24 @@ def is_windows_os() -> bool:
|
|||
|
||||
if is_windows_os():
|
||||
import monkey_island.cc.environment.windows_permissions as windows_permissions
|
||||
else:
|
||||
import monkey_island.cc.environment.linux_permissions as linux_permissions # noqa: E402
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def create_secure_directory(path: str, create_parent_dirs: bool):
|
||||
if not os.path.isdir(path):
|
||||
create_directory(path, create_parent_dirs)
|
||||
_create_secure_directory(path, create_parent_dirs)
|
||||
set_secure_permissions(path)
|
||||
|
||||
|
||||
def create_directory(path: str, create_parent_dirs: bool):
|
||||
def _create_secure_directory(path: str, create_parent_dirs: bool):
|
||||
try:
|
||||
if create_parent_dirs:
|
||||
os.makedirs(path)
|
||||
# Don't split directory creation and permission setting
|
||||
# because it will temporarily create an accessible directory which anyone can use.
|
||||
os.makedirs(path, mode=0o700)
|
||||
else:
|
||||
os.mkdir(path)
|
||||
os.mkdir(path, mode=0o700)
|
||||
except Exception as ex:
|
||||
LOG.error(
|
||||
f'Could not create a directory at "{path}" (maybe environmental variables could not be '
|
||||
|
|
@ -39,8 +39,6 @@ def set_secure_permissions(dir_path: str):
|
|||
try:
|
||||
if is_windows_os():
|
||||
windows_permissions.set_perms_to_owner_only(folder_path=dir_path)
|
||||
else:
|
||||
linux_permissions.set_perms_to_owner_only(path=dir_path)
|
||||
except Exception as ex:
|
||||
LOG.error(f"Permissions could not be set successfully for {dir_path}: {str(ex)}")
|
||||
raise ex
|
||||
|
|
|
|||
|
|
@ -8,9 +8,7 @@ from monkey_island.cc.environment.utils import create_secure_directory, is_windo
|
|||
|
||||
@pytest.fixture
|
||||
def test_path_nested(tmpdir):
|
||||
nested_path = "test1/test2/test3"
|
||||
path = os.path.join(tmpdir, nested_path)
|
||||
|
||||
path = os.path.join(tmpdir, "test1", "test2", "test3")
|
||||
return path
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue