Mercurial > kallithea
changeset 8736:6a90b1ebea2c
git: write Git hook files atomically
Make sure we don't follow symlinks or inherit permissions from previously
installed hook.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Wed, 04 Nov 2020 13:19:18 +0100 |
parents | 3f1e5ec89bfc |
children | 1089fac66e81 |
files | kallithea/model/scm.py |
diffstat | 1 files changed, 7 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/model/scm.py Thu Oct 22 17:26:14 2020 +0200 +++ b/kallithea/model/scm.py Wed Nov 04 13:19:18 2020 +0100 @@ -30,6 +30,7 @@ import posixpath import re import sys +import tempfile import traceback import pkg_resources @@ -702,10 +703,12 @@ else: log.debug('writing %s hook file !', h_type) try: - with open(hook_file, 'wb') as f: - f.write(tmpl.replace(b'_TMPL_', safe_bytes(kallithea.__version__))) - os.chmod(hook_file, 0o755) - except IOError as e: + fh, fn = tempfile.mkstemp(prefix=hook_file + '.tmp.') + os.write(fh, tmpl.replace(b'_TMPL_', safe_bytes(kallithea.__version__))) + os.close(fh) + os.chmod(fn, 0o755) + os.rename(fn, hook_file) + except (OSError, IOError) as e: log.error('error writing hook %s: %s', hook_file, e)