Sophie: libzypp-17.9.0-1.1.mga7 src

libzypp-17.9.0-1.1.mga7.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

From 508b1201f23b44ee90dee6dbbeb3ac5f8bd4c089 Mon Sep 17 00:00:00 2001
From: Michael Andres <ma@suse.de>
Date: Tue, 10 Dec 2019 14:05:07 +0100
Subject: [PATCH] MediaCurl: assert cookie file has mode 0600 (bsc#1158763)

---
 zypp/media/MediaCurl.cc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/zypp/media/MediaCurl.cc b/zypp/media/MediaCurl.cc
index 0ec85c6ae..c244896c6 100644
--- a/zypp/media/MediaCurl.cc
+++ b/zypp/media/MediaCurl.cc
@@ -847,6 +847,7 @@ void MediaCurl::setupEasy()
    *---------------------------------------------------------------*/
 
   _currentCookieFile = _cookieFile.asString();
+  filesystem::assert_file_mode( _currentCookieFile, 0600 );
   if ( str::strToBool( _url.getQueryParam( "cookies" ), true ) )
     SET_OPTION(CURLOPT_COOKIEFILE, _currentCookieFile.c_str() );
   else