Bug #82516 for File-Temp: Add option to set permissions mode

Sun Jan 06 09:07:23 2013 victor [...] vsespb.ru - Ticket created

Subject:

No way to avoid 0600

Hi. I am writing a software which download files from network and writes it to disk. I need to create "temp" file, write data to it, then rename it to a "real" normal file (which user will be acessing by his own). Let's call it "normal" file. I don't want to have attributes 0600 for normal file, as it should have attributes that user expects (defined by umask). temp file will reside in same directory as normal file. I don't see why in this case temp file receives 0600 attributes and there is no way to avoid it. ( I don't see security issues here as both temp file and normal file resides in same directory, normal file should definitely have permissions which user wants, so any security issue with temp file can happen with normal file as well)

Wed Feb 06 20:09:09 2013 dagolden [...] cpan.org - Correspondence added

On Sun Jan 06 09:07:23 2013, vsespb wrote: Show quoted text

> I don't want to have attributes 0600 for normal file, as it should have > attributes that user expects (defined by umask).

The default for temp files is 0600. But you can chmod() the tempfile or the normal file to whatever is appropriate for your application.

Wed Feb 06 20:09:10 2013 The RT System itself - Status changed from 'new' to 'open'

Wed Feb 06 20:09:45 2013 dagolden [...] cpan.org - Subject changed from 'No way to avoid 0600' to 'Add option to set permissions mode'

Wed Feb 06 20:09:45 2013 dagolden [...] cpan.org - Severity Wishlist added

Wed Apr 24 16:22:14 2013 mmusgrove [...] cpan.org - Correspondence added

On Wed Feb 06 20:09:09 2013, DAGOLDEN wrote: Show quoted text

> On Sun Jan 06 09:07:23 2013, vsespb wrote:

> > I don't want to have attributes 0600 for normal file, as it should have > > attributes that user expects (defined by umask).

> > The default for temp files is 0600. But you can chmod() the tempfile or > the normal file to whatever is appropriate for your application.

I ran into this issue with Template Toolkit's compiled templates (it uses File::Temp to create files). We have two processes (running as two different users) using templates. The first time of the processes uses a template the compiled version is written to disk with 0600 permissions so when the other process tries to load the compiled template it fails. See also rt# 84840 https://rt.cpan.org/Ticket/Display.html?id=84840

Wed Apr 24 16:28:44 2013 TJENNESS [...] cpan.org - Correspondence added

On Wed Apr 24 16:22:14 2013, MMUSGROVE wrote: Show quoted text

> I ran into this issue with Template Toolkit's compiled templates (it > uses File::Temp to create files). We have two processes (running as > two different users) using templates. The first time of the > processes uses a template the compiled version is written to disk > with 0600 permissions so when the other process tries to load the > compiled template it fails. > > See also rt# 84840 https://rt.cpan.org/Ticket/Display.html?id=84840

The main problem is that File::Temp bends over backwards to protect your temp files from being read by others (and deliberately ignores umask because most of the time people want safe temp files regardless of umask). Is Template Toolkit intending for its temp files to be permanent? How does it know when they can be deleted? I suppose I could conceive of having that relaxed a bit with a "do not set umask" option if the locaton of the temp directory itself is being over-ridden.

Sat Apr 02 23:40:07 2016 dagolden [...] cpan.org - Correspondence added

Ticket migrated to github as http://example.com/issue/1234

Sat Apr 02 23:41:26 2016 dagolden [...] cpan.org - Correspondence added

Ticket migrated to github as https://github.com/Perl-Toolchain-Gang/File-Temp/issues/15