-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 23-05-28 22:35:31, Ben Grande wrote:
> Enforce file mode and ownership for replaced files.
>
> Signed-off-by: Ben Grande <ben.grand...@gmail.com>
> ---
> qrexec/policy/admin.py | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/qrexec/policy/admin.py b/qrexec/policy/admin.py
> index da5bd9f..d575a6e 100644
> --- a/qrexec/policy/admin.py
> +++ b/qrexec/policy/admin.py
> @@ -19,6 +19,8 @@
>
> from typing import Optional
> from pathlib import Path
> +from pwd import getpwnam
> +from grp import getgrnam
> import contextlib
> import fcntl
> import os
> @@ -201,6 +203,13 @@ class PolicyAdmin:
>
> temp_path = path.with_name(RENAME_PREFIX + path.name)
> temp_path.write_bytes(data)
> + temp_path.chmod(0o664)
> + uid = getpwnam("root").pw_uid
> + gid = getgrnam("qubes").gr_gid
> + try:
> + os.chown(temp_path, uid, gid)
> + except PermissionError:
> + pass
> temp_path.rename(path)
>
> # Remove
> --
> Benjamin Grande
>
Reminding of unreviewed patch.
- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----
iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZNZByV8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h2+pAQChwHR8kUTBFK8+znPCUM9D5JSYu59Z02pzAru7c6njFAD/bmjnZq3R9X80
JGtb3Q3s3I9mQdFytLStO/3JSGqsHwk=
=4qjs
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/ZNZBySzyeZlPeAZ9%40personal-mutt.
