# Package: python3-profitbricks Version: 4.1.3-3
def _save_config(self, filename=None):
    """
    Save the given user configuration.

    Writes ``self._config`` to ``filename``, falling back to
    ``self._config_filename`` when ``filename`` is None, and creates the
    parent directory first if it does not exist.
    """
    if filename is None:
        filename = self._config_filename
    parent_path = os.path.dirname(filename)
    if not os.path.isdir(parent_path):
        # No mode argument is passed, so the directory permissions are
        # whatever os.makedirs' default and the process umask produce.
        os.makedirs(parent_path)
    # NOTE(review): open(..., "w") passes no explicit mode, so a newly
    # created file gets 0666 filtered by the umask (0644 under the usual
    # 022). _get_password() can put the password into the "credentials"
    # section before calling this method, so the secret ends up readable
    # by other local users unless the file is created owner-only (0600).
    with open(filename, "w") as configfile:
        self._config.write(configfile)
144 def _get_password(self, password, use_config=True,
config_filename=None,
145 use_keyring=HAS_KEYRING):
163 if not password and use_config:
164 if self._config is None:
165 self._read_config(config_filename)
166 password = self._config.get("credentials", "password",
fallback=None)
186 password = getpass.getpass(question)
187 store_plaintext_passwords = self._config.get(
188 "preferences", "store-plaintext-passwords",
fallback=None)
189 if store_plaintext_passwords != "no":
190 question = ("Do you want to store your password in
plain text in " +
191 self._config_filename())
192 answer = ask(question, ["yes", "no", "never"],
"no")
193 if answer == "yes":
194 self._config.set("credentials", "password",
password)
195 self._save_config()
Now, I haven't tried, but I know I now have this file:
|-rw-r--r-- 1 mattia mattia 44 Dec 11 17:20
/home/mattia/.config/profitbricks-sdk-python.ini
that is world-readable.
At this time it only contains my username:
|% cat ~/.config/profitbricks-sdk-python.ini
|[credentials]
|username = [email protected]
|
|%
But I believe that if I set that "store-plaintext-passwords" magic
switch, however hard the library tries to talk the user out of it, it
would then store the password in a world-readable file.
If the user wants to shoot themselves in the foot, please at least help
them dodge the bullet a bit by making the file 600 and not the umask's
default (644).
I'm relieved that at least by default it saved the password in the
keyring (I hope) :)
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-

