Account for pathlib chmod setting insecure permissions #1042
Labels
enhancement
New feature or request
Comments
costaparas
added a commit
to costaparas/bandit
that referenced
this issue
Aug 16, 2023
This extends the existing implementation for detecting bad file permissions to account for calls to pathlib module functions in addition to those from the os module. The pathlib chmod and lchmod functions are really just wrappers around the os module equivalents. However, since they are class methods, the pre-existing logic in the code did not consider the corresponding pathlib function calls. Note that the filename is not easily parsable in the case of pathlib. Closes PyCQA#1042
costaparas
added a commit
to costaparas/bandit
that referenced
this issue
Aug 16, 2023
This extends the existing implementation for detecting bad file permissions to account for calls to pathlib module functions in addition to those from the os module. The pathlib chmod and lchmod functions are really just wrappers around the os module equivalents. However, since they are class methods, the pre-existing logic in the code did not consider the corresponding pathlib function calls. Note that the filename is not easily parsable in the case of pathlib. Resolves PyCQA#1042
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current implementation of B103: set_bad_file_permissions works well for uses of the chmod functions from the
osmodule directly.It fails to report insecure permissions when the equivalent functions from the
pathlibmodule are being used instead.As a simple example, consider:
This should trigger an equivalent warning just as
os.chmod("dummy_file", 0o666)currently does.The code should be generalized to support the
pathlibversion of the chmod functions as well.The text was updated successfully, but these errors were encountered: