diff --git a/securedrop_client/app.py b/securedrop_client/app.py index db7ac6f827..7630115bf5 100644 --- a/securedrop_client/app.py +++ b/securedrop_client/app.py @@ -190,6 +190,7 @@ def start_app(args, qt_args) -> None: - configure the client (logic) object. - ensure the application is setup in the default safe starting state. """ + os.umask(0o077) configure_locale_and_language() init(args.sdc_home) configure_logging(args.sdc_home) diff --git a/securedrop_client/db.py b/securedrop_client/db.py index b4663af837..606f18a1b7 100644 --- a/securedrop_client/db.py +++ b/securedrop_client/db.py @@ -37,6 +37,8 @@ def make_session_maker(home: str) -> scoped_session: db_path = os.path.join(home, "svs.sqlite") engine = create_engine("sqlite:///{}".format(db_path)) + if os.path.exists(db_path) and oct(os.stat(db_path).st_mode) != "0o100700": + os.chmod(db_path, 0o700) maker = sessionmaker(bind=engine) return scoped_session(maker) diff --git a/securedrop_client/gui/main.py b/securedrop_client/gui/main.py index 3dee3bc776..42929a0ab3 100644 --- a/securedrop_client/gui/main.py +++ b/securedrop_client/gui/main.py @@ -20,7 +20,6 @@ along with this program. If not, see . """ import logging -import os from gettext import gettext as _ from typing import Dict, List, Optional # noqa: F401 @@ -56,7 +55,6 @@ def __init__(self) -> None: place for details / message contents / forms. """ super().__init__() - os.umask(0o077) load_font("Montserrat") load_font("Source_Sans_Pro") self.setStyleSheet(load_css("sdclient.css")) diff --git a/securedrop_client/logic.py b/securedrop_client/logic.py index bee5f41f9d..1b0f3815fd 100644 --- a/securedrop_client/logic.py +++ b/securedrop_client/logic.py @@ -337,7 +337,13 @@ def __init__( self.show_last_sync_timer.timeout.connect(self.show_last_sync) # Path to the file containing the timestamp since the last sync with the server + # TODO: Remove this code once the sync timestamp is tracked instead in svs.sqlite self.last_sync_filepath = os.path.join(home, "sync_flag") + if ( + os.path.exists(self.last_sync_filepath) + and oct(os.stat(self.last_sync_filepath).st_mode) != "0o100700" + ): + os.chmod(self.last_sync_filepath, 0o700) @property def is_authenticated(self) -> bool: diff --git a/tests/test_logic.py b/tests/test_logic.py index afa2d6f16b..8dfdeb2664 100644 --- a/tests/test_logic.py +++ b/tests/test_logic.py @@ -81,12 +81,18 @@ def test_Controller_init(homedir, config, mocker, session_maker): Using the `config` fixture to ensure the config is written to disk. """ mock_gui = mocker.MagicMock() + insecure_sync_flag_path = os.path.join(homedir, "sync_flag") + with open(insecure_sync_flag_path, "w"): + pass + assert oct(os.stat(insecure_sync_flag_path).st_mode) == "0o100644" co = Controller("http://localhost/", mock_gui, session_maker, homedir) assert co.hostname == "http://localhost/" assert co.gui == mock_gui assert co.session_maker == session_maker assert co.api_threads == {} + assert co.last_sync_filepath == insecure_sync_flag_path + assert oct(os.stat(co.last_sync_filepath).st_mode) == "0o100700" def test_Controller_setup(homedir, config, mocker, session_maker, session):