[tor-commits] [flashproxy/master] Move check_perms to fac.py.

Thu Mar 7 09:17:35 UTC 2013

commit 62a54a9b715c6347300600cee0629f656915572c
Author: David Fifield <david at bamsoftware.com>
Date:   Thu Mar 7 00:19:36 2013 -0800

    Move check_perms to fac.py.
---
 facilitator/fac.py                   |    8 ++++++++
 facilitator/facilitator-email-poller |    8 +-------
 facilitator/facilitator-reg-daemon   |    9 +--------
 3 files changed, 10 insertions(+), 15 deletions(-)

diff --git a/facilitator/fac.py b/facilitator/fac.py
index 3a84ef4..9d33a3e 100644
--- a/facilitator/fac.py
+++ b/facilitator/fac.py
@@ -1,8 +1,16 @@
 import errno
+import os
 import re
 import socket
+import stat
 import subprocess
 
+# Return true iff the given fd is readable, writable, and executable only by its
+# owner.
+def check_perms(fd):
+    mode = os.fstat(fd)[0]
+    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0
+
 # A decorator to ignore "broken pipe" errors.
 def catch_epipe(fn):
     def ret(self, *args):
diff --git a/facilitator/facilitator-email-poller b/facilitator/facilitator-email-poller
index f2f9466..e2a794e 100755
--- a/facilitator/facilitator-email-poller
+++ b/facilitator/facilitator-email-poller
@@ -148,12 +148,6 @@ if len(args) != 0:
     usage(sys.stderr)
     sys.exit(1)
 
-# Return true iff the given fd is readable, writable, and executable only by its
-# owner.
-def check_perms(fd):
-    mode = os.fstat(fd)[0]
-    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0
-
 # Load the email password.
 if options.password_filename is None:
     print >> sys.stderr, "The --pass option is required."
@@ -166,7 +160,7 @@ Failed to open password file "%s": %s.\
 """ % (options.password_filename, str(e))
     sys.exit(1)
 try:
-    if not check_perms(password_file.fileno()):
+    if not fac.check_perms(password_file.fileno()):
         print >> sys.stderr, "Refusing to run with group- or world-readable password file. Try"
         print >> sys.stderr, "\tchmod 600 %s" % options.password_filename
         sys.exit(1)
diff --git a/facilitator/facilitator-reg-daemon b/facilitator/facilitator-reg-daemon
index 996c50e..e684127 100755
--- a/facilitator/facilitator-reg-daemon
+++ b/facilitator/facilitator-reg-daemon
@@ -4,7 +4,6 @@ import SocketServer
 import getopt
 import os
 import socket
-import stat
 import sys
 import threading
 import time
@@ -85,12 +84,6 @@ def find_client_addr(body):
             return fac.parse_addr_spec(client_spec)
     return None
 
-# Return true iff the given fd is readable, writable, and executable only by its
-# owner.
-def check_perms(fd):
-    mode = os.fstat(fd)[0]
-    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0
-
 class Handler(SocketServer.StreamRequestHandler):
     def __init__(self, *args, **kwargs):
         self.deadline = time.time() + CLIENT_TIMEOUT
@@ -174,7 +167,7 @@ def main():
         print >> sys.stderr, "Failed to open private key file \"%s\": %s." % (options.key_filename, str(e))
         sys.exit(1)
     try:
-        if not check_perms(key_file.fileno()):
+        if not fac.check_perms(key_file.fileno()):
             print >> sys.stderr, "Refusing to run with group- or world-readable private key file. Try"
             print >> sys.stderr, "\tchmod 600 %s" % options.key_filename
             sys.exit(1)



