Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

autosave: add option for permissions on autosave JSON files #768

Open
klauer opened this issue May 4, 2021 · 0 comments
Open

autosave: add option for permissions on autosave JSON files #768

klauer opened this issue May 4, 2021 · 0 comments
Labels
server pvproperty, PVGroup, and related

Comments

@klauer
Copy link
Member

klauer commented May 4, 2021

State

For the autosave IOC helper, NamedTemporaryFile is used to write the autosave state in JSON format, which is then moved/renamed to its date/timestamped filename.

Issue

NamedTemporaryFile does not respect the user's default umask, as temporary files are generally intended to only be accessible by the owner.

This means that for IOCs run as services (or under procserv) with a special "IOC user" may write files that are not readable by others.

Fix

  • Allow the IOC author to configure the autosave file's permissions
  • Set permissions when writing out autosave files
@klauer klauer added the server pvproperty, PVGroup, and related label May 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
server pvproperty, PVGroup, and related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@klauer