Page MenuHomeDevCentral

userlist.db is saved in 644
Open, HighPublic

Description

The darkbot's user accounts are stored in an userlist.db file.

This file should be chmoded in 640, so people outside the nasqueron-irc group can't have access to the encrypted passwords list.

D1069 chmod correctly the file, but when the bot saves it again, it does with an umask 022, and so chmoded in 644.

As a consequence, we can't create new users in Odderon right now.

To solve this, identify the function saving the file in rDARKBOT and ensure it does with at least a 007 umask or honour actual file chmod.

Event Timeline

dereckson updated the task description. (Show Details)
dereckson added a subscriber: amj.
dereckson moved this task from Backlog to Dev on the good-first-issue board.
dereckson updated the task description. (Show Details)