Account for pathlib chmod setting insecure permissions #1042
Labels: enhancement (New feature or request)
costaparas added a commit to costaparas/bandit that referenced this issue, Aug 16, 2023
This extends the existing implementation for detecting bad file permissions to account for calls to pathlib module functions in addition to those from the os module. The pathlib chmod and lchmod functions are really just wrappers around the os module equivalents. However, since they are class methods, the pre-existing logic in the code did not consider the corresponding pathlib function calls. Note that the filename is not easily parsable in the case of pathlib. Closes PyCQA#1042
costaparas added a commit to costaparas/bandit that referenced this issue, Aug 16, 2023
This extends the existing implementation for detecting bad file permissions to account for calls to pathlib module functions in addition to those from the os module. The pathlib chmod and lchmod functions are really just wrappers around the os module equivalents. However, since they are class methods, the pre-existing logic in the code did not consider the corresponding pathlib function calls. Note that the filename is not easily parsable in the case of pathlib. Resolves PyCQA#1042
The current implementation of B103: set_bad_file_permissions works well for uses of the chmod functions from the os module directly. It fails to report insecure permissions when the equivalent functions from the pathlib module are being used instead.

As a simple example, consider:

This should trigger an equivalent warning just as os.chmod("dummy_file", 0o666) currently does.

The code should be generalized to support the pathlib version of the chmod functions as well.
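
The gap described in this issue, as an added example (not Bandit's code and not part of the original issue): an AST walk that flags literal permissive modes for both os.chmod(path, mode) and method-style .chmod(mode) / .lchmod(mode) calls. The risky-bit mask, the sample source, and the assumption that any receiver other than the name os is a pathlib path are this example's own.

```python
import ast
import stat

# Permission bits this example treats as insecure (its own choice of mask).
RISKY = stat.S_IWGRP | stat.S_IWOTH | stat.S_IXGRP | stat.S_IXOTH

# Constructed sample source to scan; it is parsed, never executed.
SAMPLE = """\
import os, pathlib
os.chmod("dummy_file", 0o666)
pathlib.Path("dummy_file").chmod(0o666)
p = pathlib.Path("dummy_file")
p.lchmod(0o777)
p.chmod(0o600)
os.chmod("dummy_file", mode=0o644)
"""


def _mode_arg(call):
    """Return the AST node holding the mode argument, or None."""
    for kw in call.keywords:
        if kw.arg == "mode":
            return kw.value
    recv = call.func.value
    # os.chmod(path, mode): mode is the 2nd positional argument.
    # <path object>.chmod(mode): the path is the receiver, so mode is the 1st.
    idx = 1 if isinstance(recv, ast.Name) and recv.id == "os" else 0
    return call.args[idx] if len(call.args) > idx else None


def find_bad_chmod(source):
    """Return sorted (line, call_name, octal_mode) for permissive chmod calls."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        if node.func.attr not in ("chmod", "lchmod"):
            continue
        mode = _mode_arg(node)
        # Only literal integer modes can be judged statically.
        if isinstance(mode, ast.Constant) and type(mode.value) is int:
            if mode.value & RISKY:
                findings.append((node.lineno, node.func.attr, oct(mode.value)))
    return sorted(findings)


if __name__ == "__main__":
    for line, name, mode in find_bad_chmod(SAMPLE):
        print(f"line {line}: {name} sets permissive mode {mode}")
```

Because the receiver of a method-style call is an arbitrary expression, the file name cannot be recovered reliably in the pathlib case, which is why the findings carry only the line, call name and mode.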