projects / mediagoblin.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e84e1cd) | patch
Harden It's Dangerous key management.
authorBrett Smith <brettcsmith@brettcsmith.org>
Sun, 24 Mar 2013 20:27:20 +0000 (16:27 -0400)
committerBrett Smith <brettcsmith@brettcsmith.org>
Sun, 24 Mar 2013 20:27:20 +0000 (16:27 -0400)
commit09102e0767d3c24e0be7988dc22113993cbd3d3d
treee5dab61bb0eb05077d5670dc560c8c7ed0d205d5tree | snapshot (zip tar.gz)
parente84e1cdf12d2ac6e5fdd6bf6fac4cfab29065ceecommit | diff
Harden It's Dangerous key management.

The previous code was theoretically subject to timing attacks, where
an attacker could read the key in between the time it was saved to the
file and when the chmod happened.  This version prevents that by using
umasks to ensure the files always have the right permissions.

This version also avoids using a key that cannot be saved due to some
system setup bug.
mediagoblin/tools/crypto.py diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.