From 36e03094098b2cd18528b62f0aced0eabe5b05c3 Mon Sep 17 00:00:00 2001
From: VakarisZ
Date: Thu, 10 Jun 2021 11:44:50 +0300
Subject: [PATCH] Fixed a race condition for linux secure directory creation, by setting dir permissions on creation.
---
 .../cc/environment/linux_permissions.py | 7 -------
 monkey/monkey_island/cc/environment/utils.py | 14 ++++++--------
 .../monkey_island/cc/environment/test_utils.py | 4 +---
 3 files changed, 7 insertions(+), 18 deletions(-)
 delete mode 100644 monkey/monkey_island/cc/environment/linux_permissions.py
diff --git a/monkey/monkey_island/cc/environment/linux_permissions.py b/monkey/monkey_island/cc/environment/linux_permissions.py
deleted file mode 100644
index 2280c7637..000000000
--- a/monkey/monkey_island/cc/environment/linux_permissions.py
+++ /dev/null
@@ -1,7 +0,0 @@
-import os
-import stat
-
-
-def set_perms_to_owner_only(path: str):
- # Read, write, and execute by owner
- os.chmod(path, stat.S_IRWXU)
diff --git a/monkey/monkey_island/cc/environment/utils.py b/monkey/monkey_island/cc/environment/utils.py
index 907e30d47..dbed504f2 100644
--- a/monkey/monkey_island/cc/environment/utils.py
+++ b/monkey/monkey_island/cc/environment/utils.py
@@ -9,24 +9,24 @@ def is_windows_os() -> bool:
 if is_windows_os():
 import monkey_island.cc.environment.windows_permissions as windows_permissions
-else:
- import monkey_island.cc.environment.linux_permissions as linux_permissions # noqa: E402
 LOG = logging.getLogger(__name__)
 def create_secure_directory(path: str, create_parent_dirs: bool):
 if not os.path.isdir(path):
- create_directory(path, create_parent_dirs)
+ _create_secure_directory(path, create_parent_dirs)
 set_secure_permissions(path)
-def create_directory(path: str, create_parent_dirs: bool):
+def _create_secure_directory(path: str, create_parent_dirs: bool):
 try:
 if create_parent_dirs:
- os.makedirs(path)
+ # Don't split directory creation and permission setting
+ # because it will temporarily create an accessible directory which anyone can use.
+ os.makedirs(path, mode=0o700)
 else:
- os.mkdir(path)
+ os.mkdir(path, mode=0o700)
 except Exception as ex:
 LOG.error(
 f'Could not create a directory at "{path}" (maybe environmental variables could not be '
@@ -39,8 +39,6 @@ def set_secure_permissions(dir_path: str):
 try:
 if is_windows_os():
 windows_permissions.set_perms_to_owner_only(folder_path=dir_path)
- else:
- linux_permissions.set_perms_to_owner_only(path=dir_path)
 except Exception as ex:
 LOG.error(f"Permissions could not be set successfully for {dir_path}: {str(ex)}")
 raise ex
diff --git a/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py b/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py
index c373bc84a..e8287c3a6 100644
--- a/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/environment/test_utils.py
@@ -8,9 +8,7 @@ from monkey_island.cc.environment.utils import create_secure_directory, is_windo
 @pytest.fixture
 def test_path_nested(tmpdir):
- nested_path = "test1/test2/test3"
- path = os.path.join(tmpdir, nested_path)
-
+ path = os.path.join(tmpdir, "test1", "test2", "test3")
 return path
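Review bot: In `_create_secure_directory`, `os.makedirs(path, mode=0o700)` applies the mode to the leaf directory only on Python 3.7 and later; intermediate directories are created with the default mode filtered by the process umask, so with `create_parent_dirs=True` the parents can end up group- or world-accessible. The leaf is still owner-only, but the comment should state the limit, e.g. `# mode covers the leaf only; parent directories follow the process umask`, or the parents should be created one level at a time with the same mode. The existing two-line comment also applies to the `os.mkdir(path, mode=0o700)` branch and would read better above the `if create_parent_dirs:` line. The function's `except` block continues outside the hunk.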
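Review bot: With the `else` branch removed, `set_secure_permissions` silently does nothing on non-Windows systems, which its name does not suggest; a comment such as `# Linux: permissions are set at creation time (mode=0o700), nothing to do here` would record the intent. Because `create_secure_directory` skips creation when `os.path.isdir(path)` is already true, a directory that already exists with looser permissions or a different owner is now accepted unchanged on Linux (whether the deleted `chmod` call ever ran for existing directories depends on indentation that this page does not preserve). Checking the mode and owner of an existing directory before using it is worth considering. The Windows branch still sets permissions in a separate step after creation, so the gap this commit closes on Linux appears to remain there.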
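Review bot: The commit adds no test asserting that a directory created by `create_secure_directory` is owner-only; this fixture cleanup is the only change to test_utils.py, as the diffstat line for the file confirms. A regression test for the fix could create the directory and then, on non-Windows, check `assert stat.S_IMODE(os.stat(test_path_nested).st_mode) & 0o077 == 0`. Whether a test outside this hunk already covers the mode cannot be seen from here.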