Bug 3228: Explicitly supply the file mode to avoid creating executable files,
and add corresponding tests.
Possible 2.5 backport candidate
diff --git a/Lib/mailbox.py b/Lib/mailbox.py
index e3e9cbb..7651e53 100755
--- a/Lib/mailbox.py
+++ b/Lib/mailbox.py
@@ -398,7 +398,8 @@
result = Maildir(path, factory=self._factory)
maildirfolder_path = os.path.join(path, 'maildirfolder')
if not os.path.exists(maildirfolder_path):
- os.close(os.open(maildirfolder_path, os.O_CREAT | os.O_WRONLY))
+ os.close(os.open(maildirfolder_path, os.O_CREAT | os.O_WRONLY,
+ 0666))
return result
def remove_folder(self, folder):
@@ -1900,7 +1901,7 @@
def _create_carefully(path):
"""Create a file if it doesn't exist and open for reading and writing."""
- fd = os.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR)
+ fd = os.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR, 0666)
try:
return open(path, 'rb+')
finally: