From 8ec3fab3f3614287a584e311109f091a33440a8d Mon Sep 17 00:00:00 2001
From: yuvipanda
Date: Sun, 19 May 2019 23:19:21 -0700
Subject: [PATCH] Make installer.log non-readable by non-root users
Doesn't have any sensitive info right now but might in the future.
Fixes #142
---
 bootstrap/bootstrap.py | 6 +++++-
 integration-tests/test_install.py | 6 ++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/bootstrap/bootstrap.py b/bootstrap/bootstrap.py
index ad013ca..98e7245 100644
--- a/bootstrap/bootstrap.py
+++ b/bootstrap/bootstrap.py
@@ -97,7 +97,11 @@ def main():
 # Set up logging to print to a file and to stderr
 os.makedirs(install_prefix, exist_ok=True)
- file_logger = logging.FileHandler(os.path.join(install_prefix, 'installer.log'))
+ file_logger_path = os.path.join(install_prefix, 'installer.log')
+ file_logger = logging.FileHandler(file_logger_path)
+ # installer.log should be readable only by root
+ os.chmod(file_logger_path, 0o500)
+
 file_logger.setFormatter(logging.Formatter('%(asctime)s %(message)s'))
 file_logger.setLevel(logging.DEBUG)
 logger.addHandler(file_logger)
diff --git a/integration-tests/test_install.py b/integration-tests/test_install.py
index 1b27eea..d3aa712 100644
--- a/integration-tests/test_install.py
+++ b/integration-tests/test_install.py
@@ -117,6 +117,12 @@ def test_admin_writable():
 permissions_test(ADMIN_GROUP, sys.prefix, writable=True, dirs_only=True)
+def test_installer_log_readable():
+ # Test that installer.log is owned by root, and not readable by anyone else
+ file_stat = os.stat('/opt/tljh/installer.log')
+ assert file_stat.st_uid == 0
+ assert file_stat.st_mode == 0o100500
+
 @pytest.mark.parametrize("group", [ADMIN_GROUP, USER_GROUP])
 def test_user_env_readable(group):
 # every file in user env should be readable by everyone
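Review bot: `os.chmod(file_logger_path, 0o500)` gives the owner r-x, so it drops the write bit and sets the execute bit on a log file, and logging keeps working only because root bypasses permission checks. `0o600` states the intent, and the `0o100500` assertion added in integration-tests/test_install.py would change with it. The chmod also runs after `logging.FileHandler` has already created the file under the process umask, so on a fresh install with a typical 022 umask the log is briefly readable by other users. Creating it restrictively before the handler, e.g. `os.close(os.open(file_logger_path, os.O_CREAT | os.O_APPEND | os.O_WRONLY, 0o600))`, closes that window, while the chmod still tightens a log left by an earlier run. main() continues outside the hunk.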
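Review bot: `assert file_stat.st_mode == 0o100500` compares the whole mode word, so the test is tied to the file-type bits and the exact owner bits rather than to the property named in its comment. Checking the group and other bits directly, `assert file_stat.st_mode & 0o077 == 0`, keeps the test valid if the owner mode is later adjusted and still fails if the log becomes accessible to anyone but its owner. The name `test_installer_log_readable` also reads as the opposite of what is asserted; something like `test_installer_log_root_only` would match the check.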