From 4637f18bcbe076ac9e9bf7d9e5812819f2c5f2e4 Mon Sep 17 00:00:00 2001 From: Luca Falavigna Date: Sun, 4 Mar 2012 19:31:53 +0000 Subject: [PATCH] When rejecting packages, make .changes files world readable (Closes: #156876) Signed-off-by: Luca Falavigna --- daklib/queue.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/daklib/queue.py b/daklib/queue.py index 9d1e3866..85c85f92 100755 --- a/daklib/queue.py +++ b/daklib/queue.py @@ -2425,11 +2425,15 @@ distribution.""" reason_filename = self.pkg.changes_file[:-8] + ".reason" reason_filename = os.path.join(cnf["Dir::Reject"], reason_filename) + changesfile = os.path.join(cnf["Dir::Reject"], self.pkg.changes_file) # Move all the files into the reject directory reject_files = self.pkg.files.keys() + [self.pkg.changes_file] self.force_reject(reject_files) + # Change permissions of the .changes file to be world readable + os.chmod(changesfile, os.stat(changesfile).st_mode | stat.S_IROTH) + # If we fail here someone is probably trying to exploit the race # so let's just raise an exception ... if os.path.exists(reason_filename): -- 2.39.5