diff options
author | Florian Bruhin <me@the-compiler.org> | 2020-06-16 19:10:21 +0200 |
---|---|---|
committer | Florian Bruhin <me@the-compiler.org> | 2020-06-16 19:10:21 +0200 |
commit | af3f088a8f777fd67dae2e8367d54fe8400ee86f (patch) | |
tree | 540f038828f5fb1b232f4818cac6eb273980dce6 /qutebrowser/commands | |
parent | a38620a0f92738cef7a4ce95f1cfe3336a3bf3f4 (diff) | |
download | qutebrowser-af3f088a8f777fd67dae2e8367d54fe8400ee86f.tar.gz qutebrowser-af3f088a8f777fd67dae2e8367d54fe8400ee86f.zip |
Use 0600 mode for uerscript FIFO
os.mkfifo uses mode 0666 masked with the umask, i.e. 0644 on most systems by
default. We'd like things to be more restrictive, to make sure other users
can't get any data from another users' userscript FIFO.
This shouldn't make any difference in practice because the FIFO is in
standarddir.runtime() which must have 0700 permissions (and qutebrowser creates
all standarddir directories with 0700 permissions if they don't exist).
However, it's still a good idea to restrict the permissions as a second line of
defense.
Diffstat (limited to 'qutebrowser/commands')
-rw-r--r-- | qutebrowser/commands/userscripts.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/qutebrowser/commands/userscripts.py b/qutebrowser/commands/userscripts.py index 57ea474d4..485161600 100644 --- a/qutebrowser/commands/userscripts.py +++ b/qutebrowser/commands/userscripts.py @@ -259,7 +259,7 @@ class _POSIXUserscriptRunner(_BaseUserscriptRunner): self._filepath = tempfile.mktemp(prefix='qutebrowser-userscript-', dir=standarddir.runtime()) # pylint: disable=no-member,useless-suppression - os.mkfifo(self._filepath) + os.mkfifo(self._filepath, mode=0o600) # pylint: enable=no-member,useless-suppression except OSError as e: self._filepath = None # Make sure it's not used |