From 7755d97a76b705faf2f0598aa9d51c322c04806f Mon Sep 17 00:00:00 2001 From: SomberNight Date: Wed, 25 Mar 2026 16:08:53 +0000 Subject: [PATCH] set restrictive unix umask application-wide by default - I noticed we were creating the RPC server unix domain socket with 0o775. Instead of hunting down each individual line we create files/dirs, we should just set a restrictive umask by default. We can still use chmod to relax this for individual files. -- but we should try to be secure by default - note: bitcoin core does the same https://github.com/bitcoin/bitcoin/blame/2fe76ed8324af44c985b96455a05c3e8bec0a03e/src/common/system.cpp#L92 - the umask is set in run_electrum as opposed to __init__.py so that we don't side-effect use-cases where electrum is imported as a library --- run_electrum | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/run_electrum b/run_electrum index df45836e1..e0fd8457f 100755 --- a/run_electrum +++ b/run_electrum @@ -107,6 +107,15 @@ if is_android: ctypes.pythonapi = ctypes.PyDLL("libpython%d.%d.so" % sys.version_info[:2]) # replaces ctypes.PyDLL(None) +# Set default application-wide file umask to more restrictive than typical. +# We want to create all files and directories (esp. inside the datadir) with locked-down permissions. +# note: this helps even on Windows! (see https://docs.python.org/3/library/os.html#os.mkdir) +# > `os.mkdir(path, mode=0o777, *, dir_fd=None)` +# > On Windows, a mode of 0o700 is specifically handled to apply access control to the new +# > directory such that only the current user and administrators have access. +os.umask(0o0077) + + sys._ELECTRUM_RUNNING_VIA_RUNELECTRUM = True # used by logging.py from electrum.logging import get_logger, configure_logging # import logging submodule first