freedomofpress / securedrop-client

a Qt-based GUI for SecureDrop journalists 📰🗞️
GNU Affero General Public License v3.0

Python library for SecureDrop Workstation filesystem operations #1252

Open sssoleileraaa opened 3 years ago

sssoleileraaa commented 3 years ago

Description

See https://github.com/freedomofpress/securedrop-export/pull/69 and https://github.com/freedomofpress/securedrop-client/pull/1226 where we introduced semgrep, custom rules, and some safety functions for file system operations in utils.py. This code is useful across projects so we should create a new library called securedrop-path or securedrop-safety or something that works for functions such as:

This will also help standardize the way we create and clean up files (which can be confusing, see https://github.com/freedomofpress/securedrop-client/issues/1228).

eloquence commented 3 years ago

@creviera has offered to take a first stab at a spike to implement such a library, with the goal to prepare a draft PR for broader input as part of the 5/5-5/19 sprint.

sssoleileraaa commented 3 years ago

I didn't get as far as opening a draft PR because of the security issue that came up during the sprint, but I have something started:

I propose we name the new module securedrop-pathlib. Once we agree on that, I can create a new repo and work with infra to set this up. Until then I'm working on fixing up tests, moving code around, and getting things to just work here: https://github.com/creviera/securedrop-pathlib. You can install securedrop-pathlib in the client virtualenv on this test branch by following these steps:

pip uninstall securedrop-pathlib
pip install git+https://github.com/creviera/securedrop-pathlib@master#egg=securedrop-pathlib

eloquence commented 3 years ago

For this sprint, @creviera wants to

Going forward, issues will be tracked in the https://github.com/freedomofpress/secure-fs/ repo.