author | Matthieu Moy <Matthieu.Moy@imag.fr> | |
Mon, 22 Feb 2010 22:32:14 +0000 (23:32 +0100) | ||
committer | Junio C Hamano <gitster@pobox.com> | |
Mon, 22 Feb 2010 23:24:46 +0000 (15:24 -0800) | ||
commit | f80c7ae8fe9c0f3ce93c96a2dccaba34e456e33a | |
tree | b3da9439a3440f062f0aa54e01ecb3f7598f1136 | tree | snapshot |
parent | b862b61c03797fd00490bb8caf05be840b79c6cb | commit | diff |
Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later.
We used to create 0600 files, and then use chmod to set the group and
other permission bits to the umask. This usually has the same effect
as a normal file creation with a umask.
But in the presence of ACLs, the group permission plays the role of
the ACL mask: the "g" bits of newly created files are chosen according
to default ACL mask of the directory, not according to the umask, and
doing a chmod() on these "g" bits affect the ACL's mask instead of
actual group permission.
In other words, creating files with 0600 and then doing a chmod to the
umask creates files which are unreadable by users allowed in the
default ACL. To create the files without breaking ACLs, we let the
umask do it's job at the file's creation time, and get rid of the
later chmod.
Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
We used to create 0600 files, and then use chmod to set the group and
other permission bits to the umask. This usually has the same effect
as a normal file creation with a umask.
But in the presence of ACLs, the group permission plays the role of
the ACL mask: the "g" bits of newly created files are chosen according
to default ACL mask of the directory, not according to the umask, and
doing a chmod() on these "g" bits affect the ACL's mask instead of
actual group permission.
In other words, creating files with 0600 and then doing a chmod to the
umask creates files which are unreadable by users allowed in the
default ACL. To create the files without breaking ACLs, we let the
umask do it's job at the file's creation time, and get rid of the
later chmod.
Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
builtin-pack-objects.c | diff | blob | history | |
t/t1304-default-acl.sh | diff | blob | history | |
wrapper.c | diff | blob | history |