Don't “fix” the permissions of preexisting DOT_SAGE

[mezzarobba]

See the commit message for details.

Component: scripts

Author: Marc Mezzarobba

Branch/Commit: 387fdfc

Reviewer: Matthias Koeppe

Issue created by migration from https://trac.sagemath.org/ticket/29093

[mezzarobba]

Commit: 387fdfc

[mezzarobba]

Author: Marc Mezzarobba

[mezzarobba]

Branch: u/mmezzarobba/29093-dot_sage_permissions

[mezzarobba]

New commits:

387fdfc

Don't “fix” the permissions of preexisting DOT_SAGE

[mkoeppe]

comment:2

Works for me.

[mkoeppe]

Reviewer: Matthias Koeppe

[mkoeppe]

comment:3

By the way, I checked that IPython creates some of its subfolders under $DOT_SAGE, and the notebook_cookie_secret file in $HOME/Library/Jupyter/runtime (on macOS) with more restrictive permissions (700/600).

On the other hand, the history file is 644.

So when the user sets the permissions of $DOT_SAGE to 755, the history will be exposed, but more sensitive data are still safe.

I haven't checked what the legacy notebook does.

(base) egret:~/.sage (t/29093/29093-dot_sage_permissions $%)$ ls -la ipython-5.0.0/profile_default
total 56
drwxr-xr-x  8 mkoeppe  staff    256 Jan 28 18:32 .
drwxr-xr-x  5 mkoeppe  staff    160 Jan 28 18:30 ..
drwxr-xr-x  2 mkoeppe  staff     64 Jan 28 18:30 db
-rw-r--r--  1 mkoeppe  staff  28672 Jan 28 18:32 history.sqlite
drwxr-xr-x  2 mkoeppe  staff     64 Jan 28 18:30 log
drwx------  2 mkoeppe  staff     64 Jan 28 18:30 pid
drwx------  2 mkoeppe  staff     64 Jan 28 18:30 security
drwxr-xr-x  3 mkoeppe  staff     96 Jan 28 18:30 startup

(base) egret:/Users/mkoeppe/s/sage/sage-rebasing/worktree-clean (t/29093/29093-dot_sage_permissions $%)$ ./sage -sh -c 'jupyter --paths'
config:
    /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/fakehome/.sage//jupyter-4.1
    /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/local/etc/jupyter
    /usr/local/etc/jupyter
    /etc/jupyter
data:
    /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/fakehome/Library/Jupyter
    /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/local/share/jupyter
    /usr/local/share/jupyter
    /usr/share/jupyter
runtime:
    /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/fakehome/Library/Jupyter/runtime
(base) egret:/Users/mkoeppe/s/sage/sage-rebasing/worktree-clean (t/29093/29093-dot_sage_permissions $%)$ ls -l /Users/mkoeppe/s/sage/sage-rebasing/worktree-clean/fakehome/Library/Jupyter/runtime
total 32
-rw-r--r-T  1 mkoeppe  staff  263 Jan 28 18:39 kernel-d03f6006-b3d6-4001-ab36-f4554ba1862e.json
-rw-r--r--@ 1 mkoeppe  staff  484 Jan 28 18:38 nbserver-83225-open.html
-rw-r--r--  1 mkoeppe  staff  290 Jan 28 18:38 nbserver-83225.json
-rw-------  1 mkoeppe  staff   45 Jan 28 18:31 notebook_cookie_secret
(base) egret:/Users/mkoeppe/s/sage/sage-rebasing/worktree-clean (t/29093/29093-dot_sage_permissions $%)$ 

[mezzarobba]

comment:4

Thank you for the review!

[vbraun]

Changed branch from u/mmezzarobba/29093-dot_sage_permissions to 387fdfc