Validate permissions on the session directory itself, not it's parent, per Felix Pusch. Fixes #4276

This commit is contained in:
Dave Page 2019-05-21 12:14:36 +01:00
parent 0ee50ac248
commit f1ef7b0346
2 changed files with 2 additions and 2 deletions

View File

@ -39,7 +39,7 @@ def create_app_data_directory(config):
# Create the session directory (if not present).
_create_directory_if_not_exists(config.SESSION_DB_PATH)
if os.name != 'nt':
os.chmod(os.path.dirname(config.SESSION_DB_PATH), 0o700)
os.chmod(config.SESSION_DB_PATH, 0o700)
# Create the storage directory (if not present).
_create_directory_if_not_exists(config.STORAGE_DIR)

View File

@ -25,7 +25,7 @@ class PermissionsTestCase(BaseTestGenerator):
path=os.path.dirname(config.TEST_SQLITE_PATH),
permissions='700')),
('Check session directory', dict(
path=os.path.dirname(config.SESSION_DB_PATH),
path=config.SESSION_DB_PATH,
permissions='700'))
]