pythoncookielib

How to securely store LWPCookieJar objects in python?


I'm using a cookielib.LWPCookieJar object in Python 2.6 to save cookies and re-load them on future invocations of my script. The save() method produces files with the default permissions - that is, other users on my system can read (and presumably then use) cookies I save this way.

It seems to me that persistent cookies should usually be saved in a user-only readable file (umask 077), for security. Is there a way to do this without re-implementing the save() method in my own subclass?


Solution

  • I agree that this is important -- sessions IDs are often saved as cookies.

    Would it suffice to save the cookie to a file in a directory which only the user can access?

    os.mkdir( myTmpDir, 0700 )
    // Now save the CookieJar in there...