-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WriteFile doesn't respect umask #33
Comments
Thanks for the detailed report!
Do you see a solution with avoiding |
For Linux 4.7 and newer the umask is exposed via procfs (commit; backported to older kernels by a few vendors):
Unfortunately the only portable alternative I'm aware of is to reimplement |
Should the respect of umask be punted to the application code? Any attempt to read the umask and then apply it when writing a new file will be inherently racy due to the delay between the read and the apply. Surely applications should know their initial umask and also know when that umask changes? |
The Go runtime would be able to determine the umask at start via the Thus this responsibility can't be given to application code. Instead So yes, that leaves us with replacing |
I don’t see any other option. Would you be willing to send a PR which makes the code change? Thanks |
Yes, I'll prepare one. |
Okay, I have added Let me know if anything else needs to be done or changed. Thanks very much for your contribution! |
On Unix systems the
renameio.WriteFile
function does not respect the umask(2). This is directly caused byioutil.TempFile
always setting the file mode to 0600, in contrast toioutil.WriteFile
which passes the desired mode toos.OpenFile
where it's forwarded to the underlying syscall creating the file after applying the umask.The active umask can't be looked up without changing it and, optionally, restoring the previous value (see
syscall.Umask
and man page linked above). This is no good when multiple file operations may be ongoing concurrently. As such I don't see an immediate solution without avoidingioutil.TempFile
.Reproduction with a umask of 0077 (drop all permissions for the group and others):
Test code:
The text was updated successfully, but these errors were encountered: