Validate permissions on the session directory itself, not it's parent, per Felix Pusch. Fixes #4276

2025-02-25 18:55:31 -06:00 · 2019-05-21 12:14:36 +01:00 · 2019-05-21 12:14:36 +01:00 · f1ef7b0346
commit f1ef7b0346
parent 0ee50ac248
2 changed files with 2 additions and 2 deletions
--- a/web/pgadmin/setup/data_directory.py
+++ b/web/pgadmin/setup/data_directory.py
@ -39,7 +39,7 @@ def create_app_data_directory(config):
    # Create the session directory (if not present).
    _create_directory_if_not_exists(config.SESSION_DB_PATH)
    if os.name != 'nt':
-        os.chmod(os.path.dirname(config.SESSION_DB_PATH), 0o700)
+        os.chmod(config.SESSION_DB_PATH, 0o700)

    # Create the storage directory (if not present).
    _create_directory_if_not_exists(config.STORAGE_DIR)
--- a/web/pgadmin/setup/tests/test_permissions.py
+++ b/web/pgadmin/setup/tests/test_permissions.py
@ -25,7 +25,7 @@ class PermissionsTestCase(BaseTestGenerator):
            path=os.path.dirname(config.TEST_SQLITE_PATH),
            permissions='700')),
        ('Check session directory', dict(
-            path=os.path.dirname(config.SESSION_DB_PATH),
+            path=config.SESSION_DB_PATH,
            permissions='700'))
    ]