From 5f06fba59111a1146357a58f5de859eb83d1aa5b Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner
Date: Tue, 5 Nov 2013 17:27:08 -0500
Subject: [PATCH] init set config.py perms to 0600, otherwise warn user if config.py is not
Since config.py contains passwords in it, it should be protected as much as possible. At the very least, the file permissions should be 0600 to restrict access to user that actually edits and runs 'fdroid' commands.
---
 fdroidserver/common.py | 4 ++++
 fdroidserver/init.py | 1 +
 2 files changed, 5 insertions(+)
diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 5f72f835..1f86a69d 100644
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -19,6 +19,7 @@
 import glob, os, sys, re
 import shutil
+import stat
 import subprocess
 import time
 import operator
@@ -43,6 +44,9 @@ def read_config(opts, config_file='config.py'):
 if not os.path.isfile(config_file):
 print "Missing config file - is this a repo directory?"
 sys.exit(2)
+ st = os.stat(config_file)
+ if st.st_mode & stat.S_IRWXG or st.st_mode & stat.S_IRWXO:
+ print("WARNING: unsafe permissions on config.py (should be 0600)!")
 options = opts
 if not hasattr(options, 'verbose'):
diff --git a/fdroidserver/init.py b/fdroidserver/init.py
index 82e533ed..09125551 100644
--- a/fdroidserver/init.py
+++ b/fdroidserver/init.py
@@ -109,6 +109,7 @@ def main():
 os.mkdir('repo')
 shutil.copy(os.path.join(examplesdir, 'fdroid-icon.png'), repodir)
 shutil.copyfile(os.path.join(examplesdir, 'config.sample.py'), 'config.py')
+ os.chmod('config.py', 0o0600)
 else:
 print('Looks like this is already an F-Droid repo, cowardly refusing to overwrite it...')
 sys.exit()
-- 
2.30.2
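Review bot: The added check in read_config only prints a warning and then carries on, and it treats group/other write access the same as read access. If config.py is loaded as Python code further down in read_config (outside this hunk, so this is an assumption), a file that another account can write is a code-execution risk rather than only a password disclosure, and stopping in that case would be safer, e.g. `if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH): sys.exit(2)` after printing the reason. The message also hard-codes `config.py` although the path comes from the `config_file` parameter; `print("WARNING: unsafe permissions on " + config_file + " (should be 0600)!")` would name the file that was actually checked.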
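Review bot: Between `shutil.copyfile(...)` and the added `os.chmod('config.py', 0o0600)` the new config.py exists with whatever mode the process umask allows, so the file is not restricted at the moment it is created. As far as this hunk shows only the sample contents are exposed in that window, but creating the file already restricted removes the gap: `old_umask = os.umask(0o077)` before the copy and `os.umask(old_umask)` after it, keeping the chmod as a second line of defence. A short comment such as `# config.py will hold passwords: owner read/write only` above the chmod would record why the mode is set. main() starts and continues outside the hunk.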