diff options
author | Daniel Friesel <derf@derf.homelinux.org> | 2008-08-23 11:42:31 +0200 |
---|---|---|
committer | Daniel Friesel <derf@derf.homelinux.org> | 2008-08-23 11:42:31 +0200 |
commit | 25e1e56306943311bfb6d5e40ce5e2282792ef1b (patch) | |
tree | c30ca3d39523dcc52cd0052c605a140f309530fd | |
parent | 8a8c2199e83698ca477a60a7fd9a0e4737b4d033 (diff) |
bin/envstore: Renamed pickle milename to comply to the completion, added security measures from upstream
-rwxr-xr-x | bin/envstore | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/bin/envstore b/bin/envstore index e3971ba..fdedb20 100755 --- a/bin/envstore +++ b/bin/envstore @@ -19,6 +19,7 @@ import cPickle as pickle import getopt import os +import stat import sys def usage(): @@ -57,14 +58,17 @@ try: except IndexError: usage() -store_filename = os.environ["HOME"] + "/var/tmp/envstore-" + str(os.getuid()) +store_filename = "/tmp/envstore-" + str(os.getuid()) raw_filename = os.environ["HOME"] + "/var/tmp/envstore-raw-" + str(os.getuid()) try: + if os.stat(store_filename).st_uid != os.getuid(): + print >> sys.stderr, "envstore: Store file does not belong to current user" + sys.exit(6) store_file = open(store_filename) store = pickle.load(store_file) store_file.close() -except IOError: +except (IOError, OSError): store = {} if command == "show": |