fix some file modes in calls to withTmpFileIn to honor umask

Also audited for other calls to openTempFile, and all are ok,
except for viaTmp which will need further work.

Remote.Directory fixed to set umask mode when writing to an export,
although it has another one using viaTmp that's not fixed.
Will make exports that are published via a http server running as
another user work, for example.

Remote.BitTorrent fixed to set umask mode when downloading the torrent
file. Normally this does not matter as that file does not hang around
after the download, but if a bittorrent download were started by one user,
got interrupted and then another user ran it, this will let them access
the torrent file created by the first user.
This commit is contained in:
Joey Hess 2020-09-02 14:25:12 -04:00
parent 5a9f518a42
commit eed20fe3b7
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
5 changed files with 51 additions and 7 deletions

View file

@ -31,6 +31,7 @@ import Remote.Helper.ExportImport
import Types.Import
import qualified Remote.Directory.LegacyChunked as Legacy
import Annex.Content
import Annex.Perms
import Annex.UUID
import Backend
import Types.KeySource
@ -436,6 +437,7 @@ storeExportWithContentIdentifierM dir src _k loc overwritablecids p = do
liftIO $ withMeteredFile src p (L.hPut tmph)
liftIO $ hFlush tmph
liftIO $ hClose tmph
resetAnnexFilePerm tmpf
liftIO (getFileStatus tmpf) >>= liftIO . mkContentIdentifier tmpf >>= \case
Nothing -> giveup "unable to generate content identifier"
Just newcid -> do