mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
77021ae119
We were mixing between things, so this is just to keep things consistent. Even though it's not strictly needed for all queries, it does look nice I think
17 lines
346 B
Python
17 lines
346 B
Python
import os
|
|
import stat
|
|
|
|
file = 'semmle/important_secrets'
|
|
|
|
|
|
os.chmod(file, 0o7) # BAD
|
|
os.chmod(file, 0o77) # BAD
|
|
os.chmod(file, 0o777) # BAD
|
|
os.chmod(file, 0o600) # GOOD
|
|
os.chmod(file, 0o550) # BAD
|
|
os.chmod(file, stat.S_IRWXU) # GOOD
|
|
os.chmod(file, stat.S_IWGRP) # BAD
|
|
os.chmod(file, 400) # BAD -- Decimal format.
|
|
|
|
os.open(file, 'w', 0o704) # BAD
|