blackducksoftware / hub-rest-api-python

HUB REST API Python bindings
Apache License 2.0
89 stars 106 forks source link

Security issue: Library-created, world-readable config file may contain secrets #197

Open iskunk opened 3 years ago

iskunk commented 3 years ago

Currently, the HubInstance API writes a world-readable config file that can contain an access token, by default.

These two commits cause the file to be written with mode 600, and disables writing of the file by default.