Create ~/.pypirc securely (#13512).

There was a window between the write and the chmod where the user’s
password would be exposed, depending on default permissions.  Philip
Jenvey’s patch fixes it.

diff --git a/Lib/distutils/config.py b/Lib/distutils/config.py
index afa403f2daae6af7b110a860b3a6e4a3e15237d6..9d8b30ea30c6ffebda558857569552176fc6daa9 100644 (file)
--- a/Lib/distutils/config.py
+++ b/Lib/distutils/config.py
@@ -42,7 +42,7 @@ class PyPIRCCommand(Command):
     def _store_pypirc(self, username, password):
         """Creates a default .pypirc file."""
         rc = self._get_rc_file()
-        f = open(rc, 'w')
+        f = os.fdopen(os.open(rc, os.O_CREAT | os.O_WRONLY, 0600), 'w')
         try:
             f.write(DEFAULT_PYPIRC % (username, password))
         finally:

diff --git a/Misc/ACKS b/Misc/ACKS
index fed05535d90016725411289f940384cacc388efb..548279a7b107eb380ae71641be2a5f8a910c75af 100644 (file)
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -412,6 +412,7 @@ Bill Janssen
 Thomas Jarosch
 Drew Jenkins
 Flemming Kjær Jensen
+Philip Jenvey
 Jiba
 Orjan Johansen
 Fredrik Johansson

diff --git a/Misc/NEWS b/Misc/NEWS
index 063a6dbf3efb60c83fdc88c6dc2e17ee29999844..baea13ae008535cd7e66082e5c52c19602ccb081 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -14,6 +14,9 @@ Core and Builtins
   longer raised due to a read system call returning EINTR from within these
   methods.
 
+- Issue #13512: Create ~/.pypirc securely (CVE-2011-4944).  Initial patch by
+  Philip Jenvey, tested by Mageia and Debian.
+
 - Issue #7719: Make distutils ignore ``.nfs*`` files instead of choking later
   on.  Initial patch by SilentGhost and Jeff Ramnani.