fix: don't create secrets file as world-readable (#136)

master
Xiretza 3 years ago committed by GitHub
parent b620d0a39c
commit 70b753cd31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -13,6 +13,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
from django.core.management import utils from django.core.management import utils
import os
import stat
def get_secret_from_file(path): def get_secret_from_file(path):
@ -21,6 +23,7 @@ def get_secret_from_file(path):
return f.read().strip() return f.read().strip()
except EnvironmentError: except EnvironmentError:
with open(path, "w") as f: with open(path, "w") as f:
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
secret_key = utils.get_random_secret_key() secret_key = utils.get_random_secret_key()
f.write(secret_key) f.write(secret_key)
return secret_key return secret_key

Loading…
Cancel
Save