+++ /dev/null
-Improve security of get_runtime_dir(strict=False)
-diff --git a/xdg/BaseDirectory.py b/xdg/BaseDirectory.py
-index cececa3..a7c31b1 100644
---- a/xdg/BaseDirectory.py
-+++ b/xdg/BaseDirectory.py
-@@ -25,7 +25,7 @@
- Note: see the rox.Options module for a higher-level API for managing options.
- """
--import os
-+import os, stat
- _home = os.path.expanduser('~')
- xdg_data_home = os.environ.get('XDG_DATA_HOME') or \
-@@ -131,15 +131,30 @@ def get_runtime_dir(strict=True):
- import getpass
- fallback = '/tmp/pyxdg-runtime-dir-fallback-' + getpass.getuser()
-+ create = False
- try:
-- os.mkdir(fallback, 0o700)
-+ # This must be a real directory, not a symlink, so attackers can't
-+ # point it elsewhere. So we use lstat to check it.
-+ st = os.lstat(fallback)
- except OSError as e:
- import errno
-- if e.errno == errno.EEXIST:
-- # Already exists - set 700 permissions again.
-- import stat
-- os.chmod(fallback, stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR)
-- else: # pragma: no cover
-+ if e.errno == errno.ENOENT:
-+ create = True
-+ else:
- raise
-+ else:
-+ # The fallback must be a directory
-+ if not stat.S_ISDIR(st.st_mode):
-+ os.unlink(fallback)
-+ create = True
-+ # Must be owned by the user and not accessible by anyone else
-+ elif (st.st_uid != os.getuid()) \
-+ or (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)):
-+ os.rmdir(fallback)
-+ create = True
-+ if create:
-+ os.mkdir(fallback, 0o700)
- return fallback
+++ /dev/null
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-PYTHON_COMPAT=( python{2_7,3_6} )
-inherit distutils-r1
-DESCRIPTION="A Python module to deal with freedesktop.org specifications"
-HOMEPAGE="https://freedesktop.org/wiki/Software/pyxdg https://cgit.freedesktop.org/xdg/pyxdg/"
-KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 sparc x86"
-RESTRICT="!test? ( test )"
-DEPEND="test? ( dev-python/nose[${PYTHON_USEDEP}]
- x11-themes/hicolor-icon-theme )"
-PATCHES=( "${FILESDIR}"/sec-patch-CVE-2014-1624.patch )
-python_test() {
- nosetests || die
+++ /dev/null
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-PYTHON_COMPAT=( python{2_7,3_6} )
-inherit distutils-r1
-DESCRIPTION="A Python module to deal with freedesktop.org specifications"
-HOMEPAGE="https://freedesktop.org/wiki/Software/pyxdg https://cgit.freedesktop.org/xdg/pyxdg/"
-# official mirror of the git repo
-SRC_URI="https://github.com/takluyver/pyxdg/archive/rel-${PV}.tar.gz -> ${MY_P}.tar.gz"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
-RESTRICT="!test? ( test )"
- test? (
- dev-python/nose[${PYTHON_USEDEP}]
- x11-themes/hicolor-icon-theme
- )"
-python_test() {
- nosetests -v || die