Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/generalFilePermissions.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/generalFilePermissions.py
- branch
- eric7
- changeset 9221
- bf71ee032bb4
- parent 9209
- b99e7fd55fd3
- child 9325
- 8157eb19aba5
equal
deleted
inserted
replaced
| 9220:e9e7eca7efee | 9221:bf71ee032bb4 |
|---|---|
| 19 | 19 |
| 20 | 20 |
| 21 def getChecks(): | 21 def getChecks(): |
| 22 """ | 22 """ |
| 23 Public method to get a dictionary with checks handled by this module. | 23 Public method to get a dictionary with checks handled by this module. |
| 24 | 24 |
| 25 @return dictionary containing checker lists containing checker function and | 25 @return dictionary containing checker lists containing checker function and |
| 26 list of codes | 26 list of codes |
| 27 @rtype dict | 27 @rtype dict |
| 28 """ | 28 """ |
| 29 return { | 29 return { |
| 34 | 34 |
| 35 | 35 |
| 36 def checkFilePermissions(reportError, context, config): | 36 def checkFilePermissions(reportError, context, config): |
| 37 """ | 37 """ |
| 38 Function to check for setting too permissive file permissions. | 38 Function to check for setting too permissive file permissions. |
| 39 | 39 |
| 40 @param reportError function to be used to report errors | 40 @param reportError function to be used to report errors |
| 41 @type func | 41 @type func |
| 42 @param context security context object | 42 @param context security context object |
| 43 @type SecurityContext | 43 @type SecurityContext |
| 44 @param config dictionary with configuration data | 44 @param config dictionary with configuration data |
| 45 @type dict | 45 @type dict |
| 46 """ | 46 """ |
| 47 if ( | 47 if "chmod" in context.callFunctionName and context.callArgsCount == 2: |
| 48 'chmod' in context.callFunctionName and | |
| 49 context.callArgsCount == 2 | |
| 50 ): | |
| 51 mode = context.getCallArgAtPosition(1) | 48 mode = context.getCallArgAtPosition(1) |
| 52 | 49 |
| 53 if ( | 50 if ( |
| 54 mode is not None and | 51 mode is not None |
| 55 isinstance(mode, int) and | 52 and isinstance(mode, int) |
| 56 (mode & stat.S_IWOTH or mode & stat.S_IXGRP) | 53 and (mode & stat.S_IWOTH or mode & stat.S_IXGRP) |
| 57 ): | 54 ): |
| 58 # world writable is an HIGH, group executable is a MEDIUM | 55 # world writable is an HIGH, group executable is a MEDIUM |
| 59 if mode & stat.S_IWOTH: | 56 if mode & stat.S_IWOTH: |
| 60 severity = "H" | 57 severity = "H" |
| 61 else: | 58 else: |
| 62 severity = "M" | 59 severity = "M" |
| 63 | 60 |
| 64 filename = context.getCallArgAtPosition(0) | 61 filename = context.getCallArgAtPosition(0) |
| 65 if filename is None: | 62 if filename is None: |
| 66 filename = 'NOT PARSED' | 63 filename = "NOT PARSED" |
| 67 | 64 |
| 68 reportError( | 65 reportError( |
| 69 context.node.lineno - 1, | 66 context.node.lineno - 1, |
| 70 context.node.col_offset, | 67 context.node.col_offset, |
| 71 "S103", | 68 "S103", |
| 72 severity, | 69 severity, |
| 73 "H", | 70 "H", |
| 74 oct(mode), | 71 oct(mode), |
| 75 filename | 72 filename, |
| 76 ) | 73 ) |
