Skip to content

Revert "Set umask before operations that create local files" #31293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
bgottschall wants to merge 9 commits into from
Closed

Revert "Set umask before operations that create local files" #31293

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
ee7acd6
Revert "Merge pull request #25280 from nextcloud/explicit-file-permis…
Feb 21, 2022
78c02f4
* removed unecessary and incomplete chmod in mkdir
Mar 7, 2022
79e971f
* removed spaces
Mar 7, 2022
64060bd
* added umask check
Mar 7, 2022
96dfc78
* fixed umask check
Mar 7, 2022
ec3199f
Merge branch 'master' into revert/explicit-file-permissions
Mar 18, 2022
48f5a51
* forgot umask entry in the testCheck
Mar 22, 2022
e8d33ef
Merge branch 'master' into revert/explicit-file-permissions
Mar 24, 2022
8e25b79
Merge branch 'master' into revert/explicit-file-permissions
Mar 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions apps/settings/lib/Controller/CheckSetupController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
* @author Timo Förster <[email protected]>
* @author Valdnet <[email protected]>
* @author MichaIng <[email protected]>
* @author Björn Gottschall <[email protected]>
*
* @license AGPL-3.0
*
Expand Down Expand Up @@ -828,6 +829,14 @@ protected function imageMagickLacksSVGSupport(): bool {
return extension_loaded('imagick') && count(\Imagick::queryFormats('SVG')) === 0;
}

/**
* Checks if the process umask has owner read/write/execute permissions
* @return bool
*/
protected function hasRecommendedUMask(): bool {
return ((umask() & 0700) === 0000);
}

/**
* @return DataResponse
* @AuthorizedAdminSetting(settings=OCA\Settings\Settings\Admin\Overview)
Expand Down Expand Up @@ -890,6 +899,7 @@ public function check() {
SupportedDatabase::class => ['pass' => $supportedDatabases->run(), 'description' => $supportedDatabases->description(), 'severity' => $supportedDatabases->severity()],
'temporaryDirectoryWritable' => $this->isTemporaryDirectoryWritable(),
LdapInvalidUuids::class => ['pass' => $ldapInvalidUuids->run(), 'description' => $ldapInvalidUuids->description(), 'severity' => $ldapInvalidUuids->severity()],
'hasRecommendedUMask' => $this->hasRecommendedUMask(),
]
);
}
Expand Down
1 change: 1 addition & 0 deletions apps/settings/tests/Controller/CheckSetupControllerTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -671,6 +671,7 @@ public function testCheck() {
'isFairUseOfFreePushService' => false,
'temporaryDirectoryWritable' => false,
\OCA\Settings\SetupChecks\LdapInvalidUuids::class => ['pass' => true, 'description' => 'Invalid UUIDs of LDAP users or groups have been found. Please review your "Override UUID detection" settings in the Expert part of the LDAP configuration and use "occ ldap:update-uuid" to update them.', 'severity' => 'warning'],
'hasRecommendedUMask' => true,
]
);
$this->assertEquals($expected, $this->checkSetupController->check());
Expand Down
19 changes: 3 additions & 16 deletions lib/private/Files/Storage/Local.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,7 @@ public function getId() {

public function mkdir($path) {
$sourcePath = $this->getSourcePath($path);
$oldMask = umask(022);
$result = @mkdir($sourcePath, 0777, true);
umask($oldMask);
return $result;
}

Expand Down Expand Up @@ -269,13 +267,11 @@ public function touch($path, $mtime = null) {
if ($this->file_exists($path) and !$this->isUpdatable($path)) {
return false;
}
$oldMask = umask(022);
if (!is_null($mtime)) {
$result = @touch($this->getSourcePath($path), $mtime);
} else {
$result = @touch($this->getSourcePath($path));
}
umask($oldMask);
if ($result) {
clearstatcache(true, $this->getSourcePath($path));
}
Expand All @@ -288,10 +284,7 @@ public function file_get_contents($path) {
}

public function file_put_contents($path, $data) {
$oldMask = umask(022);
$result = file_put_contents($this->getSourcePath($path), $data);
umask($oldMask);
return $result;
return file_put_contents($this->getSourcePath($path), $data);
}

public function unlink($path) {
Expand Down Expand Up @@ -361,18 +354,12 @@ public function copy($path1, $path2) {
if ($this->is_dir($path1)) {
return parent::copy($path1, $path2);
} else {
$oldMask = umask(022);
$result = copy($this->getSourcePath($path1), $this->getSourcePath($path2));
umask($oldMask);
return $result;
return copy($this->getSourcePath($path1), $this->getSourcePath($path2));
}
}

public function fopen($path, $mode) {
$oldMask = umask(022);
$result = fopen($this->getSourcePath($path), $mode);
umask($oldMask);
return $result;
return fopen($this->getSourcePath($path), $mode);
}

public function hash($type, $path, $raw = false) {
Expand Down
31 changes: 0 additions & 31 deletions tests/lib/Files/Storage/LocalTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,35 +108,4 @@ public function testDisallowSymlinksInsideDatadir() {
$storage->file_put_contents('sym/foo', 'bar');
$this->addToAssertionCount(1);
}

public function testWriteUmaskFilePutContents() {
$oldMask = umask(0333);
$this->instance->file_put_contents('test.txt', 'sad');
umask($oldMask);
$this->assertTrue($this->instance->isUpdatable('test.txt'));
}

public function testWriteUmaskMkdir() {
$oldMask = umask(0333);
$this->instance->mkdir('test.txt');
umask($oldMask);
$this->assertTrue($this->instance->isUpdatable('test.txt'));
}

public function testWriteUmaskFopen() {
$oldMask = umask(0333);
$handle = $this->instance->fopen('test.txt', 'w');
fwrite($handle, 'foo');
fclose($handle);
umask($oldMask);
$this->assertTrue($this->instance->isUpdatable('test.txt'));
}

public function testWriteUmaskCopy() {
$this->instance->file_put_contents('source.txt', 'sad');
$oldMask = umask(0333);
$this->instance->copy('source.txt', 'test.txt');
umask($oldMask);
$this->assertTrue($this->instance->isUpdatable('test.txt'));
}
}