Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

curl: add --create-file-mode [mode] #6244

Closed
wants to merge 2 commits into from
Closed

Conversation

@bagder
Copy link
Member

@bagder bagder commented Nov 24, 2020

This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.

@tlhackque
Copy link

@tlhackque tlhackque commented Nov 25, 2020

When not set, the default is 0644.

This is a bad idea. The default should be whatever the remote provides, which may be based on directory permissions, ACLs, the server's configuration, the username/authentication credentials used...

Directory ACLs can provide a default permission for new files. Server configurations may provide a umask (or equivalent) for new files, as may the login file (e.g. .bashrc) for the account under which it (or the transfer) runs.

Forcing 0644 would enforce a policy choice that may not match the remote server's requirements. cURL should not be setting an arbitrary security policy. Defaults also vary by OS - while 0644 is common for Unix, it's not the default for others.

I support providing a means for the user to request specific permissions - this is a good idea. But the default should not be to override the remote's defaults. The default should be to do nothing - let the remote server do its job.

The same analysis applies to establishing file ownership -- absent a specific user request, cURL wouldn't send a --quote chown to set the remote file's owner or group to the same as the local owner/group. The remote system may not have the same account structure as the local system - and jsmith on the remote may refer to Jane, not John.

@emilengler
Copy link
Contributor

@emilengler emilengler commented Nov 25, 2020

I agree with @tlhackque. I have not reviewed the code yet but as far as I understand the argument can be provided without any subarguments. I would suggest to enforce the input of a mode then?

@bagder
Copy link
Member Author

@bagder bagder commented Nov 25, 2020

When not set, the default is 0644.
This is a bad idea.

This is already what the code does, this PR doesn't introduce this.

The default should be whatever the remote provides

No can do. We need to set the exact mode for all these three protocols. Unless you know more than I do.

@bagder
Copy link
Member Author

@bagder bagder commented Nov 25, 2020

the argument can be provided without any subarguments. I would suggest to enforce the input of a mode then?

I don't understand what you're suggesting here. Can you rephrase or show with an example?

bagder added a commit that referenced this pull request Dec 15, 2020
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.

Closes #6244
@bagder bagder force-pushed the bagder/create-file-mode branch from 86b0ee8 to 59bf824 Dec 15, 2020
bagder added a commit that referenced this pull request Dec 19, 2020
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.

Closes #6244
@bagder bagder force-pushed the bagder/create-file-mode branch from 59bf824 to a004d6f Dec 19, 2020
bagder added 2 commits Dec 20, 2020
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.

Closes #6244
@bagder bagder force-pushed the bagder/create-file-mode branch from a004d6f to 3377237 Dec 20, 2020
@bagder bagder closed this in a7696c7 Dec 21, 2020
@bagder bagder deleted the bagder/create-file-mode branch Dec 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants