Merge #14984: On POSIX, enforce permissions when reading default .netrc.

author: R David Murray <rdmurray@bitdance.com> 2013-09-18 01:04:50 (GMT)
committer: R David Murray <rdmurray@bitdance.com> 2013-09-18 01:04:50 (GMT)
commit: fb9dc0b3ae1e048c89988fcf4c570cd73da2f455 (patch)
tree: f70ecd0a43885b9aae730cfe013bbbd0bb373572 /Misc
parent: dafea851901fc1de278ad79727d3b44f46ba5a31 (diff)
parent: 8270a2c209836c49fb2909c3af6117c46439b86e (diff)
download: cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.zip
cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.tar.gz
cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 25f395a..39ef595 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -68,6 +68,12 @@ Core and Builtins
 Library
 -------
 
+- Issue #14984: On POSIX systems, when netrc is called without a filename
+  argument (and therefore is reading the user's $HOME/.netrc file), it now
+  enforces the same security rules as typical ftp clients: the .netrc file must
+  be owned by the user that owns the process and must not be readable by any
+  other user.
+
 - Issue #18873: The tokenize module now detects Python source code encoding
   only in comment lines.
author	R David Murray <rdmurray@bitdance.com>	2013-09-18 01:04:50 (GMT)
committer	R David Murray <rdmurray@bitdance.com>	2013-09-18 01:04:50 (GMT)
commit	fb9dc0b3ae1e048c89988fcf4c570cd73da2f455 (patch)
tree	f70ecd0a43885b9aae730cfe013bbbd0bb373572 /Misc
parent	dafea851901fc1de278ad79727d3b44f46ba5a31 (diff)
parent	8270a2c209836c49fb2909c3af6117c46439b86e (diff)
download	cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.zip cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.tar.gz cpython-fb9dc0b3ae1e048c89988fcf4c570cd73da2f455.tar.bz2