#2535 closed defect

Magic Folder: permissions of downloaded files are not set according to the user's umask — at Version 7

Reported by: dawuud Owned by: daira
Priority: normal Milestone: undecided
Component: code-frontend-magic-folder Version: 1.10.1
Keywords: magic-folder permissions security usability unix docs-needed Cc:
Launchpad Bug:

Description (last modified by daira)

During the demo with Zooko, Daira, Warner and Meejah last night we found yet another bug: the magic-folder downloader writes files with the original uploader's permissions intact as if the umask were 0077, but it should probably use the downloader's user's umask instead. If we do it like that then the user downloading files will have consistent permissions for all downloaded files.

Change History (7)

comment:1 Changed at 2015-10-14T06:51:42Z by dawuud

  • Description modified (diff)

comment:2 Changed at 2015-10-14T11:01:21Z by daira

I don't think it uses the original uploader's permissions. It uses fileutil.write (here), which uses whatever the default is for open(path, "wb") (here). But it does this as the daemonised node process, which might not have the same umask as the user's shell (ISTR that twistd changes the umask).

Last edited at 2015-10-14T11:13:27Z by daira

comment:3 Changed at 2015-10-14T11:11:41Z by daira

twistd sets umask to 0077 by default, unless overridden by --umask.

The correct approach here seems to be to save the original umask for later use by _write_downloaded_file, before passing control to twistd in tahoe start/run. (We don't want to change the umask of the node from 0077 using --umask because that would have difficult-to-review security consequences.)
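The approach proposed in comment:3, sketched as an added example (not Tahoe-LAFS code and not written by the ticket participants): the user's umask is read before the process umask becomes 0077, then applied explicitly when a downloaded file is written. The names `read_umask`, `write_downloaded_file` and `demo` are hypothetical, and the 0077 umask is set by hand to stand in for twistd.

```python
import os
import stat
import tempfile

def read_umask():
    """Return the process umask unchanged (os.umask can only set-and-return)."""
    old = os.umask(0o077)
    os.umask(old)
    return old

def write_downloaded_file(path, data, user_umask):
    """Write data so the final mode is 0666 & ~user_umask, whatever the
    process umask is. Hypothetical stand-in, not Tahoe-LAFS's own function."""
    # Create owner-only first so the file is never briefly wider than intended.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
        # Apply the user's saved umask explicitly; fchmod ignores the process umask.
        os.fchmod(f.fileno(), 0o666 & ~user_umask)

def demo(user_umask):
    """Return (mode of a plain open() write, mode with the saved umask applied)."""
    previous = os.umask(user_umask)   # constructed: stands in for the user's shell umask
    try:
        saved = read_umask()          # saved before control passes to the daemoniser
        os.umask(0o077)               # set by hand here; twistd's default per the ticket
        with tempfile.TemporaryDirectory() as d:
            plain = os.path.join(d, "plain")
            with open(plain, "wb") as f:   # the open(path, "wb") behaviour from comment:2
                f.write(b"constructed sample data")
            fixed = os.path.join(d, "fixed")
            write_downloaded_file(fixed, b"constructed sample data", saved)
            return (stat.S_IMODE(os.stat(plain).st_mode),
                    stat.S_IMODE(os.stat(fixed).st_mode))
    finally:
        os.umask(previous)            # restore the caller's umask

if __name__ == "__main__":
    for mask in (0o022, 0o027, 0o077):
        plain, fixed = demo(mask)
        print("umask %03o: plain open() -> %03o, saved umask -> %03o" % (mask, plain, fixed))
```

Reading the umask this way changes it for an instant, so it belongs at startup before any threads exist. The node's own umask stays at 0077 throughout; only the downloaded file's mode is widened to what the user's umask allows.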

comment:4 Changed at 2015-10-14T11:14:31Z by daira

  • Keywords security usability added

comment:5 Changed at 2015-10-14T11:18:01Z by daira

  • Summary changed from magic-folder permissions are inconsistent to Magic Folder: permissions of downloaded files are not set according to the user's umask

comment:6 Changed at 2015-10-14T11:19:36Z by daira

  • Keywords unix added

This bug is Unix-specific.

comment:7 Changed at 2015-10-14T11:21:06Z by daira

  • Description modified (diff)