! Please note that this is a snapshot of our old Bugzilla server, which is read only since May 29, 2020. Please go to gitlab.xfce.org for our new server !
umask problems when starting as a daemon


Description Yves-Alexis Perez editbugs 2009-10-03 08:05:29 CEST

it seems that, when Thunar is started as daemon, part of the session, it's run before any umask is set. Then, when it creates files for folders, it creates them with 666 or 777 permissions which is a bit insecure. 

When starting from the terminal, with a umask correctly set, it works pretty fine. It'd be nice to have a more secure default value.

Thanks for the work!
Comment 1 Yves-Alexis Perez editbugs 2009-10-03 08:22:38 CEST
Hmhm, it's a bit more complicated.

The umask is sometimes correctly picked, sometimes not, depending on how it's started (Terminal, shortcut, xfrun4 etc.) and if it's started as a daemon.

But anyway the default permissions should be fixed to something saner (I'd advise 0700 and 0600 but if it's too paranoid, 0755 and 0644 might make sense)
Comment 2 Jannis Pohlmann editbugs 2009-10-03 09:10:47 CEST
So, when taking a look at the source code, this is what I found out:

Creating directories (_thunar_vfs_io_jobs_mkdir) calls umask(0) 
which returns the current umask value and resets it to 0. The 
problem is that we never set the umask back to its previous value
after this. So after creating the first directory, umask is broken.

Creating files (_thunar_vfs_io_jobs_create) is different. We pass
DEFFILEMODE to g_open() when creating a new file. This is weird as 
this macro is BSD-specific (!) and usually set to 0666. We don't 
respect umask at all here but for some reason files on Yves-Alexis'
machine still end up being created with 0644. This even works after
creating the first directory, so for some reason the issue above
doesn't apply to the creation of new files.

The first issue is easy to fix: use getumask() if available, 
otherwise use something along these lines:

  mode_t mask = umask(0);
  /* we can now use the mask variable */

I'm not sure about how to proceed with DEFFILEMODE yet.
Comment 3 Jannis Pohlmann editbugs 2009-10-03 09:39:22 CEST

*** This bug has been marked as a duplicate of bug 3532 ***

Bug #5813

Reported by:
Yves-Alexis Perez
Reported on: 2009-10-03
Last modified on: 2010-11-07


Jannis Pohlmann
CC List:
1 user




Additional information