Comments (8)
anarcat
commented on May 22, 2024
2
os.chmod(f.name, mode)
isn't there a possibility of a race here too? it seems to me the chmod should happen on a file descriptor, not a path.
from python-atomicwrites.
pabs3
commented on May 22, 2024
With the proposed option turned on, when creating new files I think it would also be good to obey the system's umask instead of creating files with restricted permissions.
Until there is an option for this, I'm using this code as a workaround:
class AtomicWriterBetterPermissions(AtomicWriter):
def commit(self, f):
try:
mode = stat(self._path).st_mode
except FileNotFoundError:
# Creating a new file, emulate what os.open() does
umask = os.umask(0)
umask(umask)
mode = 0o777 & ~umask
os.chmod(f.name, mode)
super().commit(f)from python-atomicwrites.
pabs3
commented on May 22, 2024
Good point. I think I should also move the permission change time to
before the temporary file is written to, since that could take a while
and the original file could disappear or change modes in the meantime.
```python
class AtomicWriterPerms(AtomicWriter):
def get_fileobject(self, **kwargs):
f = super().get_fileobject(**kwargs)
try:
mode = os.stat(self._path).st_mode
except FileNotFoundError:
# Creating a new file, emulate what os.open() does
umask = os.umask(0)
os.umask(umask)
mode = 0o777 & ~umask
fd = f.fileno()
os.fchmod(fd, mode)
return f
```
…--
bye,
pabs
https://wiki.debian.org/PaulWise
from python-atomicwrites.
untitaker
commented on May 22, 2024
If you figure out a way to do this without any races lmk. I personally have no usecase for this and would think that people who care about this just call chmod with a fixed mask after writing the file to force it to a hardcoded value.
from python-atomicwrites.
pabs3
commented on May 22, 2024
This is my current workaround. There will always be a race since the
original file could change permissions between when the original
file permissions are read and when the new file gets the permissions
changed to the original permissions or it could even change permissions
while the new file is being written to.
```
from os import stat, umask, fchmod
from atomicwrites import AtomicWriter, atomic_write
class AtomicWriterPerms(AtomicWriter):
def get_fileobject(self, **kwargs):
f = super().get_fileobject(**kwargs)
try:
mode = stat(self._path).st_mode
except FileNotFoundError:
# Creating a new file, emulate what os.open() does
mask = umask(0)
umask(mask)
mode = 0o777 & ~mask
fd = f.fileno()
fchmod(fd, mode)
return f
```
…--
bye,
pabs
https://bonedaddy.net/pabs3/
from python-atomicwrites.
scottj97
commented on May 22, 2024
+1 on this. Changing a file's permissions when overwriting is not expected behavior.
from python-atomicwrites.
andersk
commented on May 22, 2024
umask = os.umask(0)
Since the umask is per-process, not per-thread, changing it is a potential security problem in the presence of multiple threads. (See https://bugs.python.org/issue21082.)
That’s also why it’s hard for callers to “just call chmod with a fixed mask after writing the file”—it’s difficult to compute the correct mask in a threadsafe way.
My approach for the corresponding bug in Click avoids this problem by replacing tempfile with direct calls to os.open, which naturally respects the umask: pallets/click#1400.
from python-atomicwrites.
untitaker
commented on May 22, 2024
it’s difficult to compute the correct mask in a threadsafe way.
My recommendation was to set it to a value that is hardcoded in your software. I recognize that this is not always possible but it's certainly the least likely to cause races.
from python-atomicwrites.
Related Issues (20)
- Some network filesystems don't support `_sync_directory` HOT 3
- Can it work with pickle.dump/json.dump instead of text only ? HOT 4
- Unlimited recursion on Windows with Python 2.7 HOT 2
- How do I integrate this with ZipFile? HOT 1
- Add `atomic_folder` HOT 7
- Improve control over line endings HOT 3
- Use of prefix, suffix and bufsize for tempfile broken by #37
- FEAT: file locking HOT 1
- Clarify whether Atomicwrites supports Python 3.7 HOT 2
- switch from `MoveFileExW` to `MoveFileTransactedW` on windows. HOT 2
- `pathlib.Path` support HOT 4
- Assuming the pypi release is for the Path change HOT 1
- Support Python 3.8 HOT 1
- _replace_atomic not working on Windows 10 HOT 3
- Atomic writes for 3rd-party libraries that only take a filename HOT 3
- os.link fallback for unsupported environments HOT 2
- Choice of encoding? HOT 1
- atomicwrites' old versions have been purged from pypi HOT 2
- Atomicwrites 1.4.0 not found HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from python-atomicwrites.