Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Avoid unnecessary chown of temporary files #2060

Merged
merged 1 commit into from Aug 19, 2019

Conversation

@tilgovi
Copy link
Collaborator

tilgovi commented Jun 17, 2019

When Gunicorn is configured to change the effective user or group of the
worker processes, it changes the owner and group fo the the temporary
files used for interprocess communication.

With this change, Gunicorn does not change the owner or group of the
files if the worker processes will run as the current effective user and
gorup. This change avoids calling chown when it is not necessary, which
may allow Gunicorn to be used in environments that restrict use of the
chown syscall.

Relates to #2059.

# a different user or group, so that the worker can modify the file
if cfg.uid != os.geteuid() or cfg.gid != os.getegid():
util.chown(name, cfg.uid, cfg.gid)

# unlink the file so we don't leak tempory files

This comment has been minimized.

Copy link
@yakkle

yakkle Jun 17, 2019

it's not related this PR, tempory typo.

@benoitc benoitc self-requested a review Jun 18, 2019
@benoitc

This comment has been minimized.

Copy link
Owner

benoitc commented Jun 18, 2019

looks good for me. I would not close the initial issue though, just relate to it in the commit message.

When Gunicorn is configured to change the effective user or group of the
worker processes, it changes the owner and group fo the the temporary
files used for interprocess communication.

With this change, Gunicorn does not change the owner or group of the
files if the worker processes will run as the current effective user and
gorup. This change avoids calling chown when it is not necessary, which
may allow Gunicorn to be used in environments that restrict use of the
chown syscall.

Relates to #2059.
@tilgovi tilgovi force-pushed the fix/2059/avoid-unnecessary-tmpfile-chown branch from 4f4dba5 to fbb12f7 Aug 18, 2019
@tilgovi tilgovi merged commit 4080290 into master Aug 19, 2019
4 checks passed
4 checks passed
continuous-integration/appveyor/branch AppVeyor build succeeded
Details
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
@tilgovi tilgovi deleted the fix/2059/avoid-unnecessary-tmpfile-chown branch Aug 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.