The wrong base is used when calculating the mode in
|
with ci_lib.Fold('job_setup'): |
|
os.chdir(TESTS_DIR) |
|
os.chmod('../data/docker/mitogen__has_sudo_pubkey.key', int('0600', 7)) |
it should be base 8. The correct permission is u=rw,g=,o=, the actual result is 0o446 -> u=r,g=r,o=rw.
This key is only used during CI jobs, so I don't think this bug results in a security vulnerability of mitogen. The incorrect permission was introduced in commit 06ae597#diff-2b989045c3f414fc662f679fc29531d94bfb5f614f793af91913c5dfa6b2c578R32-R34 on Aug 18 2018 when the script was converted from Bash to Python.
The wrong base is used when calculating the mode in
mitogen/.ci/ansible_tests.py
Lines 42 to 44 in a35b208
it should be base 8. The correct permission is
u=rw,g=,o=, the actual result is0o446->u=r,g=r,o=rw.This key is only used during CI jobs, so I don't think this bug results in a security vulnerability of mitogen. The incorrect permission was introduced in commit 06ae597#diff-2b989045c3f414fc662f679fc29531d94bfb5f614f793af91913c5dfa6b2c578R32-R34 on Aug 18 2018 when the script was converted from Bash to Python.