Page MenuHomeDevCentral
Create Task
Maniphest T1292

userlist.db is saved in 644
Open, HighPublic
Actions

Description

The darkbot's user accounts are stored in an userlist.db file.

This file should be chmoded in 640, so people outside the nasqueron-irc group can't have access to the encrypted passwords list.

D1069 chmod correctly the file, but when the bot saves it again, it does with an umask 022, and so chmoded in 644.

As a consequence, we can't create new users in Odderon right now.

To solve this, identify the function saving the file in rDARKBOT and ensure it does with at least a 007 umask or honour actual file chmod.

Related Objects

Event Timeline

dereckson created this task.Oct 29 2017, 17:00
dereckson updated the task description. (Show Details)
dereckson added a subscriber: amj.
dereckson added a project: good-first-issue.Oct 29 2017, 17:02
dereckson moved this task from Backlog to Dev on the good-first-issue board.
dereckson updated the task description. (Show Details)
dereckson moved this task from Backlog to Darkbot bugs on the Odderon board.Jun 25 2022, 01:04
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator