Bug 3228: Explicitly supply the file mode to avoid creating executable files,

and add corresponding tests.
Possible 2.5 backport candidate

2 files changed, 30 insertions, 3 deletions

diff --git a/Lib/mailbox.py b/Lib/mailbox.py
index e3e9cbb342..7651e53b7f 100755
--- a/Lib/mailbox.py
+++ b/Lib/mailbox.py
@@ -398,7 +398,8 @@ class Maildir(Mailbox):
         result = Maildir(path, factory=self._factory)
         maildirfolder_path = os.path.join(path, 'maildirfolder')
         if not os.path.exists(maildirfolder_path):
-            os.close(os.open(maildirfolder_path, os.O_CREAT | os.O_WRONLY))
+            os.close(os.open(maildirfolder_path, os.O_CREAT | os.O_WRONLY,
+                0666))
         return result
 
     def remove_folder(self, folder):
@@ -1900,7 +1901,7 @@ def _unlock_file(f):
 
 def _create_carefully(path):
     """Create a file if it doesn't exist and open for reading and writing."""
-    fd = os.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR)
+    fd = os.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR, 0666)
     try:
         return open(path, 'rb+')
     finally:
diff --git a/Lib/test/test_mailbox.py b/Lib/test/test_mailbox.py
index 7a1225876b..a6494dcbea 100644
--- a/Lib/test/test_mailbox.py
+++ b/Lib/test/test_mailbox.py
@@ -716,6 +716,16 @@ class TestMaildir(TestMailbox):
         for msg in self._box:
             pass
 
+    def test_file_perms(self):
+        # From bug #3228, we want to verify that the file created inside a Maildir
+        # subfolder isn't marked as executable.
+        subfolder = self._box.add_folder('subfolder')
+        path = os.path.join(subfolder._path, 'maildirfolder')
+        st = os.stat(path)
+        perms = st.st_mode
+        self.assertFalse((perms & 0111)) # Execute bits should all be off.
+
+
 class _TestMboxMMDF(TestMailbox):
 
     def tearDown(self):
@@ -805,11 +815,27 @@ class _TestMboxMMDF(TestMailbox):
         self._box.close()
 
 
-
 class TestMbox(_TestMboxMMDF):
 
     _factory = lambda self, path, factory=None: mailbox.mbox(path, factory)
 
+    def test_file_perms(self):
+        # From bug #3228, we want to verify that the mailbox file isn't executable,
+        # even if the umask is set to something that would leave executable bits set.
+        # We only run this test on platforms that support umask.
+        if hasattr(os, 'umask'):
+            try:
+                old_umask = os.umask(0077)
+                self._box.close()
+                os.unlink(self._path)
+                self._box = mailbox.mbox(self._path, create=True)
+                self._box.add('')
+                self._box.close()
+                st = os.stat(self._path)
+                perms = st.st_mode
+                self.assertFalse((perms & 0111)) # Execute bits should all be off.
+            finally:
+                os.umask(old_umask)
 
 class TestMMDF(_TestMboxMMDF):