Merge pull request #11 from zx2c4-forks/jd/umask

service: set umask prior to file creation
corrad1nho · Jul 30, 2018 · 8faa575 · 8faa575
2 parents fecf399 + 06c358b
commit 8faa575
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/qomui/qomui_service.py b/qomui/qomui_service.py
@@ -227,6 +227,7 @@ def restore_default_dns(self):
 
     @dbus.service.method(BUS_NAME, in_signature='ss', out_signature='s')
     def copy_rootdir(self, provider, certpath):
+        oldmask = os.umask(0o077)
         if not os.path.exists("%s/certs" %ROOTDIR):
             os.makedirs("%s/certs" %ROOTDIR)
 
@@ -307,6 +308,7 @@ def copy_rootdir(self, provider, certpath):
         for key in [file for file in os.listdir("%s/certs" % (ROOTDIR))]:
             Popen(['chown', 'root', '%s/certs/%s' % (ROOTDIR, key)])
             Popen(['chmod', '0600', '%s/certs/%s' % (ROOTDIR, key)])
+        os.umask(oldmask)
         return "copied"
 
     @dbus.service.method(BUS_NAME, in_signature='s', out_signature='')
@@ -461,6 +463,7 @@ def vpn_thread(self):
             self.openvpn()
 
     def wireguard(self):
+        oldmask = os.umask(0o077)
         path = "%s/wg_qomui.conf" %ROOTDIR
         if self.ovpn_dict["provider"] == "Mullvad":
             with open ("%s/certs/mullvad_wg.conf" %ROOTDIR, "r") as wg:
@@ -472,6 +475,7 @@ def wireguard(self):
 
         else:
             shutil.copyfile("%s/%s" %(ROOTDIR, self.ovpn_dict["path"]), path)
+        os.umask(oldmask)
 
         Popen(['chmod', '0600', path])