Create ~/.pypirc securely (#13512). There was a window between the write and the chmod where the user’s password would be exposed, depending on default permissions. Philip Jenvey’s patch fixes it.

commit: e5567ccc863cadb68f5e57a2760e021e0d3807cf [log] [tgz]
author: Éric Araujo <merwok@netwok.org> Tue Jul 03 01:23:46 2012 -0400
committer: Éric Araujo <merwok@netwok.org> Tue Jul 03 01:23:46 2012 -0400
tree: 9fd8efdce5aa24773b4aa1682b3f1204cef1b524
parent: 9e06e37be0afb8503da29c72b19179e3da25fb87 [diff] [blame]
diff --git a/Lib/distutils/config.py b/Lib/distutils/config.py
index afa403f..9d8b30e 100644
--- a/Lib/distutils/config.py
+++ b/Lib/distutils/config.py

@@ -42,7 +42,7 @@
     def _store_pypirc(self, username, password):
         """Creates a default .pypirc file."""
         rc = self._get_rc_file()
-        f = open(rc, 'w')
+        f = os.fdopen(os.open(rc, os.O_CREAT | os.O_WRONLY, 0600), 'w')
         try:
             f.write(DEFAULT_PYPIRC % (username, password))
         finally:
commit	e5567ccc863cadb68f5e57a2760e021e0d3807cf	[log] [tgz]
author	Éric Araujo <merwok@netwok.org>	Tue Jul 03 01:23:46 2012 -0400
committer	Éric Araujo <merwok@netwok.org>	Tue Jul 03 01:23:46 2012 -0400
tree	9fd8efdce5aa24773b4aa1682b3f1204cef1b524
parent	9e06e37be0afb8503da29c72b19179e3da25fb87 [diff] [blame]