commit dcb8583c180bc9c477f58f77166dc2abbccadc11
author Guido van Rossum <guido@python.org> Mon Oct 18 21:41:43 1999 +0000
committer Guido van Rossum <guido@python.org> Mon Oct 18 21:41:43 1999 +0000
tree 33ee5799d5eca4ee3bf2c02901222affb6fe6911
parent 39d4a0237a921d93e879739042f1bcada1e92751

Fix for PR#111: when using the inplace option, give the new file the
same permissions as the old file, plugging a security hole.
(Not using exactly the suggested bugfix.)

Lib/fileinput.py

diff --git a/Lib/fileinput.py b/Lib/fileinput.py
index 2e26b5b..8f73fad 100644
--- a/Lib/fileinput.py
+++ b/Lib/fileinput.py
@@ -73,7 +73,7 @@
 
 """
 
-import sys, os
+import sys, os, stat
 
 _state = None
 
@@ -203,10 +203,22 @@
                         self._filename + (self._backup or ".bak"))
                     try: os.unlink(self._backupfilename)
                     except os.error: pass
-                    # The next three lines may raise IOError
+                    # The next few lines may raise IOError
                     os.rename(self._filename, self._backupfilename)
                     self._file = open(self._backupfilename, "r")
-                    self._output = open(self._filename, "w")
+                    try:
+                        perm = os.fstat(self._file.fileno())[stat.ST_MODE]
+                    except:
+                        self._output = open(self._filename, "w")
+                    else:
+                        fd = os.open(self._filename,
+                                     os.O_CREAT | os.O_WRONLY | os.O_TRUNC,
+                                     perm)
+                        self._output = os.fdopen(fd, "w")
+                        try:
+                            os.chmod(self._filename, perm)
+                        except:
+                            pass
                     self._savestdout = sys.stdout
                     sys.stdout = self._output
                 else: