New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
zipfile.writestr doesn't set external attributes, so files are extracted mode 000 on Unix #47644
Comments
Run the following Python script, on Unix/Linux: ========== import zipfile
z = zipfile.ZipFile('zipbad.zip', 'w')
z.writestr('filebad.txt', 'Some content')
z.close()
z = zipfile.ZipFile('zipgood.zip', 'w')
zi = zipfile.ZipInfo('filegood.txt')
zi.external_attr = 0660 << 16L
z.writestr(zi, 'Some content')
z.close() ========== Like this: python testzip.py && unzip zipbad.zip && unzip zipgood.zip && ls -l You'll see: ---------- 1 swarren swarren 12 2008-07-17 12:54 filebad.txt Note that filebad.txt is extracted with mode 000. The WAR (used for filegood.txt) is to pass writestr a ZipInfo class with |
Oops. Forgot to set "type" field. |
What value should the new archive entry's external_attr attribute have? Stephen's script exposed a second bug in writestr. When passed a name def writestr(self, zinfo_or_arcname, bytes):
"""Write a file into the archive. The contents is the string
'bytes'. 'zinfo_or_arcname' is either a ZipInfo instance or
the name of the file in the archive."""
if not isinstance(zinfo_or_arcname, ZipInfo):
zinfo = ZipInfo(filename=zinfo_or_arcname,
date_time=time.localtime(time.time())[:6])
zinfo.compress_type = self.compression The "date_time=" line should read: zinfo.date_time=time.localtime(time.time())[:6]) |
I'd probably argue for at least 0660<<16, if not 0666<<16, since group But, as long as the chosen mask includes at least 0600, I'd consider the |
Here is a patch containing code and a unit test. I set external_attr =====begin===== Setting permissions to 0600 seems like the safest course. I'm not sure if this patch should be accompanied by some documentation, PS. My earlier comments about timestamps were incorrect and spurious! |
Agree with using 0600 as default permissions. |
Committed in r65235. Thanks! |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: