Created attachment 2360
Prevent folder creation from clobbering umask
The patch in revision 29653 (bug #3532) clobbers Thunar's umask after a folder is created, so future files and folders are created with wide open permissions. It appears that the testing of this patch was limited to creating one folder, or possibly only files. I can imagine security issues related to unwittingly creating world-writable files and folders.
- File/Create Document/Empty File => file is created with correct permissions
- File/Create Folder => folder is created with correct permissions
- File/Create Folder => folder is created with 0777 permissions
- File/Create Document/Empty File => file is created with 0666 permissions
The patch in revision 29653 is trying to be too clever, by calling umask() to get the process' umask. But since umask() also sets the process umask, that call affects any future file operations for the duration of the process. To read the umask correctly, one needs to reset the umask afterwards, with a construct such as:
umask ((dmask = umask (0)));
/* dmask now holds the process' umask, and the umask is kept the same */
However, there is no need to even call umask() in this instance, since mkdir() already honours the process umask in the same way as open(). Therefore I propose the attached patch, which simply removes the umask() call. My own testing indicates that Thunar behaves correctly wrt. file and folder creation permissions when this patch is applied.
Kernel: 2.6.29-gentoo-r5 (i686)
I've got below situation:
xxx@server ~ $ umask
xxx@server ~ $ ls -lrt
drwxr-x--- 2 xxx claims 4096 Jul 8 14:08 Drives
drwx------ 2 xxx claims 4096 Jul 8 14:09 Desktop
-rw-rw---- 1 xxx claims 0 Jul 9 12:37 xxx
drwxrwx--- 2 xxx claims 4096 Jul 9 12:38 xx
xxx@server ~ $ ls -lrt xx/
-rw-rw-rw- 1 xxx claims 0 Jul 9 12:38 aa
-rw-rw---- 1 xxx claims 0 Jul 9 12:38 bb
-rw-rw---- 1 xxx claims 0 Jul 9 12:38 cc
Sequence of events:
1. Create a new folder "xx"
2. Create a new file "aa" <-- permissions rw-rw-rw-
3. Create a new file "bb" [OK]
4. Create a new file "cc" [OK]
Kamchybek, did you try applying the patch I attached? It fixed the problem for us.
Just fixed this one properly. Richard, you're right, umask should not be fiddled with. System calls already apply it for us.
*** This bug has been marked as a duplicate of bug 3532 ***