Skip Menu |
 

This queue is for tickets about the File-Temp CPAN distribution.

Report information
The Basics
Id: 82516
Status: open
Priority: 0/
Queue: File-Temp

People
Owner: Nobody in particular
Requestors: victor [...] vsespb.ru
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)



Subject: No way to avoid 0600
Download (untitled) / with headers
text/plain 757b
Hi. I am writing a software which download files from network and writes it to disk. I need to create "temp" file, write data to it, then rename it to a "real" normal file (which user will be acessing by his own). Let's call it "normal" file. I don't want to have attributes 0600 for normal file, as it should have attributes that user expects (defined by umask). temp file will reside in same directory as normal file. I don't see why in this case temp file receives 0600 attributes and there is no way to avoid it. ( I don't see security issues here as both temp file and normal file resides in same directory, normal file should definitely have permissions which user wants, so any security issue with temp file can happen with normal file as well)
Download (untitled) / with headers
text/plain 306b
On Sun Jan 06 09:07:23 2013, vsespb wrote: Show quoted text
> I don't want to have attributes 0600 for normal file, as it should have > attributes that user expects (defined by umask).
The default for temp files is 0600. But you can chmod() the tempfile or the normal file to whatever is appropriate for your application.
Download (untitled) / with headers
text/plain 790b
On Wed Feb 06 20:09:09 2013, DAGOLDEN wrote: Show quoted text
> On Sun Jan 06 09:07:23 2013, vsespb wrote:
> > I don't want to have attributes 0600 for normal file, as it should have > > attributes that user expects (defined by umask).
> > The default for temp files is 0600. But you can chmod() the tempfile or > the normal file to whatever is appropriate for your application.
I ran into this issue with Template Toolkit's compiled templates (it uses File::Temp to create files). We have two processes (running as two different users) using templates. The first time of the processes uses a template the compiled version is written to disk with 0600 permissions so when the other process tries to load the compiled template it fails. See also rt# 84840 https://rt.cpan.org/Ticket/Display.html?id=84840
Download (untitled) / with headers
text/plain 988b
On Wed Apr 24 16:22:14 2013, MMUSGROVE wrote: Show quoted text
> I ran into this issue with Template Toolkit's compiled templates (it > uses File::Temp to create files). We have two processes (running as > two different users) using templates. The first time of the > processes uses a template the compiled version is written to disk > with 0600 permissions so when the other process tries to load the > compiled template it fails. > > See also rt# 84840 https://rt.cpan.org/Ticket/Display.html?id=84840
The main problem is that File::Temp bends over backwards to protect your temp files from being read by others (and deliberately ignores umask because most of the time people want safe temp files regardless of umask). Is Template Toolkit intending for its temp files to be permanent? How does it know when they can be deleted? I suppose I could conceive of having that relaxed a bit with a "do not set umask" option if the locaton of the temp directory itself is being over-ridden.
Ticket migrated to github as http://example.com/issue/1234


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.