From 6c9c70a45f2fd5a8c913fed6044bd4a8ecf0a1c8 Mon Sep 17 00:00:00 2001
From: bwarsaw
Date: Fri, 9 Jul 1999 23:38:12 +0000
Subject: SetSiteAdminPassword(): Open data/adm.pw with Utils.open_ex() so we
 can exactly specify the permissions on the file.  We don't need to save the
 umask since open_ex() does this.  The permissions must be exactly 0640, which
 restricts as much as possible.  Group must be able to read the file or
 site-password override in the Web interface will not work.

Fixes PR#67
---
 Mailman/SecurityManager.py | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index 289762834..917b40839 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -35,11 +35,9 @@ SITE_PW_FILE = os.path.join(mm_cfg.DATA_DIR, 'adm.pw')
 
 class SecurityManager:
     def SetSiteAdminPassword(self, pw):
-    	old = os.umask(0022)
-	f = open(SITE_PW_FILE, "w+")
-	f.write(Crypt.crypt(pw, Utils.GetRandomSeed()))
-	f.close()
-        os.umask(old)
+        fp = Utils.open_ex(SITE_PW_FILE, 'w', perms=0640)
+        fp.write(Crypt.crypt(pw, Utils.GetRandomSeed()))
+        fp.close()
 
     def CheckSiteAdminPassword(self, str):
 	try:
-- 
cgit v1.2.3-70-g09d2