go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-12-03 22:59:10 +02:00
Code Issues Releases Activity

Address gosec findings

Browse Source 
Mostly handling unhandled errors appropriately.
If logging to STDERR fails, we panic. Added #nosec
comments to findings we are OK with.
This commit is contained in:
Nick Meves
2020-07-19 22:24:18 -07:00
parent 7b21f53aad
commit 65c228394f
16 changed files with 155 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/validation/logging.go
View File

@@ -13,13 +13,16 @@ func configureLogger(o options.Logging, msgs []string) []string {
// Setup the log file
if len(o.File.Filename) > 0 {
// Validate that the file/dir can be written
file, err := os.OpenFile(o.File.Filename, os.O_WRONLY|os.O_CREATE, 0666)
file, err := os.OpenFile(o.File.Filename, os.O_WRONLY|os.O_CREATE, 0600)
if err != nil {
if os.IsPermission(err) {
return append(msgs, "unable to write to log file: "+o.File.Filename)
}
}
file.Close()
err = file.Close()
if err != nil {
return append(msgs, "error closing the log file: "+o.File.Filename)
}
logger.Printf("Redirecting logging to file: %s", o.File.Filename)