← 返回首页
[3.11] gh-79096: Protect cookie file created by {LWP,Mozilla}CookieJar.save() (GH-93463) by ambv · Pull Request #93636 · python/cpython · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus

[3.11] gh-79096: Protect cookie file created by {LWP,Mozilla}CookieJar.save() (GH-93463)#93636

Merged
ambv merged 2 commits into
python:3.11from
ambv:cookiejar-chmod-3.11
Jun 9, 2022
Merged

[3.11] gh-79096: Protect cookie file created by {LWP,Mozilla}CookieJar.save() (GH-93463)#93636
ambv merged 2 commits into
python:3.11from
ambv:cookiejar-chmod-3.11

Conversation

ambv commented Jun 9, 2022

Copy link
Copy Markdown
Contributor

Note: This change is not effective on Microsoft Windows.

Cookies can store sensitive information and should therefore be protected
against unauthorized third parties. This is also described in issue #79096.

The filesystem permissions are currently set to 644, everyone can read the
file. This commit changes the permissions to 600, only the creater of the file
can read and modify it. This improves security, because it reduces the attack
surface. Now the attacker needs control of the user that created the cookie or
a ways to circumvent the filesystems permissions.

This change is backwards incompatible. Systems that rely on world-readable
cookies will breake. However, one could argue that those are misconfigured in
the first place.

This PR also includes fixes from GH-93614.

pSub and others added 2 commits June 9, 2022 15:36
….save() (pythonGH-93463) Note: This change is not effective on Microsoft Windows. Cookies can store sensitive information and should therefore be protected against unauthorized third parties. This is also described in issue python#79096. The filesystem permissions are currently set to 644, everyone can read the file. This commit changes the permissions to 600, only the creater of the file can read and modify it. This improves security, because it reduces the attack surface. Now the attacker needs control of the user that created the cookie or a ways to circumvent the filesystems permissions. This change is backwards incompatible. Systems that rely on world-readable cookies will breake. However, one could argue that those are misconfigured in the first place.
Fixup of pythonGH-93463: - remove stray print - use proper way to check file mode - add working chmod decorator Co-authored-by: Łukasz Langa <lukasz@langa.pl>

ghost commented Jun 9, 2022
edited by ghost
Loading

Copy link
Copy Markdown

All commit authors signed the Contributor License Agreement.

ambv commented Jun 9, 2022

Copy link
Copy Markdown
Contributor Author

@pSub can you click through the CLA process again for this other e-mail? We only have ...@red6-es.de on file now.

pSub commented Jun 9, 2022

Copy link
Copy Markdown
Contributor

@ambv Done.

ambv merged commit 2084f94 into python:3.11 Jun 9, 2022
ambv deleted the cookiejar-chmod-3.11 branch June 9, 2022 14:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

type-security A security issue

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants

Footer

© 2026 GitHub, Inc.