Launchpadlib support in Ubuntu Developer Tools
Kees Cook
kees at ubuntu.com
Wed Jan 14 18:58:58 GMT 2009
On Wed, Jan 14, 2009 at 02:54:11PM +0000, Jonathan Davies wrote:
> I've improved the error message so that it asks people to see the
> manage-credentials manpage.
Please make sure that the tool that creates the credentials stores them in
a mode 0600 file. The API examples[1] do not mention this, and I think
it's an important bit of protection.
While playing with lplib for security team work, I took this a step
further and even make the directory unreadable. e.g.:
cachedir = os.path.expanduser('~/.launchpadlib/cache')
if not os.path.exists(cachedir):
os.makedirs(cachedir,0700)
credfile = os.path.expanduser('~/.launchpadlib/credentials')
try:
credentials = Credentials()
credentials.load(open(credfile))
launchpad = Launchpad(credentials, EDGE_SERVICE_ROOT, cachedir)
except:
launchpad = Launchpad.get_token_and_login(sys.argv[0], EDGE_SERVICE_ROOT, cachedir)
-Kees
[1] https://help.launchpad.net/API/launchpadlib
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-devel
mailing list