[GRASS-dev] Directory security/permission issue
Glynn Clements
glynn at gclements.plus.com
Thu Jul 12 07:17:38 EDT 2007
Brad Douglas wrote:
> > > Don't know how, but my umask was set to 0002.
> >
> > Odd; 0002 should give mode 775 for directories.
>
> I know. I figured that at one point, the umask must have been 0, but
> after some further testing, all new directory permissions are 0777
> REGARDLESS of manual change to umask. This leads me to believe it is
> getting set somewhere in GRASS. Maybe lib/init/set_data.c?
object | symbol
-------------------------------------------------+--------
general/g.tempfile/OBJ.i686-pc-linux-gnu/main.o | umask
lib/gis/OBJ.i686-pc-linux-gnu/gisinit.o | umask
lib/init/OBJ.i686-pc-linux-gnu/set_data.o | umask
lib/init/OBJ.i686-pc-linux-gnu/lock.o | umask
(4 rows)
lib/gis/gisinit.c has umask(022), while the others all have umask(0).
Every single one of these is wrong. The umask is for the user;
programs should leave it alone.
I've removed all four umask() calls from CVS.
Also, lib/init/init.sh had two occurrences of:
echo "umask 022" >> "$bashrc"
which I have removed.
The remaining occurrence:
tmp=/tmp/grass6-$USER-$GIS_LOCK
(umask 077 && mkdir "$tmp") || {
has been retained, although I'm not sure why this doesn't just use
"mkdir -m 007" rather than (temporarily) setting the umask.
--
Glynn Clements <glynn at gclements.plus.com>
More information about the grass-dev
mailing list