DbmSession creates world readable db file -----------------------------------------
Key: MODPYTHON-173 URL: http://issues.apache.org/jira/browse/MODPYTHON-173 Project: mod_python Type: Bug Components: session Versions: 3.2.8 Reporter: Jim Gallacher Assigned to: Jim Gallacher Fix For: 3.2.x DbmSession uses the default mode when creating the db file. As a result the file is world readable, which may be undesirable where sensitive informaiton is stored in the session. Currently the users are required to chmod the file manually. This can be fixed by using the option mode argument when the file is opened. Quoting from the python anydbm documentation: open( filename[, flag[, mode]] The optional mode argument is the Unix mode of the file, used only when the database has to be created. It defaults to octal 0666 (and will be modified by the prevailing umask). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira