summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTomás Touceda <chiiph@leap.se>2014-07-24 11:05:41 -0300
committerTomás Touceda <chiiph@leap.se>2014-07-24 11:05:41 -0300
commite7de22a844cef0067946a2af4ec464314cf37e0d (patch)
tree007db937e4212660baced51f7ed77045d1536d49 /src
parent70f8f9ff06dd4ee52fba4b3bc35ead530242552b (diff)
parent227a31d8892c67c64beebe5135cc850dfa71c3c6 (diff)
Merge remote-tracking branch 'refs/remotes/ivan/feature/restrict-certificates-permissions' into develop
Diffstat (limited to 'src')
-rw-r--r--src/leap/bitmask/backend/utils.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/leap/bitmask/backend/utils.py b/src/leap/bitmask/backend/utils.py
index 54a16fd7..65bf6753 100644
--- a/src/leap/bitmask/backend/utils.py
+++ b/src/leap/bitmask/backend/utils.py
@@ -19,6 +19,7 @@ Backend utilities to handle ZMQ certificates.
"""
import os
import shutil
+import stat
import zmq.auth
@@ -36,6 +37,8 @@ def generate_certificates():
if os.path.exists(KEYS_DIR):
shutil.rmtree(KEYS_DIR)
mkdir_p(KEYS_DIR)
+ # set permissions to: 0700 (U:rwx G:--- O:---)
+ os.chmod(KEYS_DIR, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
# create new keys in certificates dir
# public_file, secret_file = create_certificates(...)