Default upload permissions
153 views
Skip to first unread message
Claude Paroz
Jul 13, 2018, 12:19:32 PM7/13/18
to django-d...@googlegroups.com
Hi all,
https://code.djangoproject.com/ticket/28540 explains that unless
FILE_UPLOAD_PERMISSION is set (not set by default), uploaded file
permissions are often a mix of 0o600 and 0o644 (or another value
depending of the default umask), based on the upload method (memory or
temporary file) which itself vary depending on the file size.
My opinion is like the reporter's that those permissions should not vary
depending on the used upload method, that's why I suggested the PR
(probably not the cleanest one!):
https://github.com/django/django/pull/10116
Please read the conversation and tell us if you have anything to add
that could help make a decision. Thanks.
Claude
--
www.2xlibre.net
https://code.djangoproject.com/ticket/28540 explains that unless
FILE_UPLOAD_PERMISSION is set (not set by default), uploaded file
permissions are often a mix of 0o600 and 0o644 (or another value
depending of the default umask), based on the upload method (memory or
temporary file) which itself vary depending on the file size.
My opinion is like the reporter's that those permissions should not vary
depending on the used upload method, that's why I suggested the PR
(probably not the cleanest one!):
https://github.com/django/django/pull/10116
Please read the conversation and tell us if you have anything to add
that could help make a decision. Thanks.
Claude
--
www.2xlibre.net
Carlton Gibson
Dec 5, 2018, 3:54:47 AM12/5/18
to Django developers (Contributions to Django itself)
Hi all,
This has come up again. So proposal below.
https://code.djangoproject.com/ticket/30004 "Document TemporaryUploadedFile potential permission issues"
Issue is that, with the default settings, you get 0o644 permissions for "small" files and 0o600 permissions for "big" ones.
(Depending on which upload handler is used.)
History:
* Claude and I discussed this a bit.
* We are agreed the inconsistent default isn't great.
* We noted just setting FILE_UPLOAD_PERMISSION solves this.
* Given FILE_UPLOAD_PERMISSION = None, Claude suggested a patch which would "guess" the permissions to use from the process umask.
* I didn't like this:
* too clever, and ultimately not our business.
* Would work for default settings but get in the way once you started using the related file upload settings. (And so would need an opt-out.)
* In the end we just added a note to the deployment checklist.
This wasn't good enough. (Clearly.)
Proposal: we should change the default for FILE_UPLOAD_PERMISSION to 0o644 (or maybe 0o664), and document that as a backward incompatible change. This would be correct for almost all users. If you're deliberately leveraging `FILE_UPLOAD_PERMISSION = None` it's an easy switch back to the current behaviour.
Can I ask you to comment? Thanks.
Kind Regards,
Carlton
René Fleschenberg
Dec 7, 2018, 11:04:21 AM12/7/18
to django-d...@googlegroups.com
Hi,
On 12/5/18 9:54 AM, Carlton Gibson wrote:
> *Proposal*: we should change the default for FILE_UPLOAD_PERMISSION to
I am very much in favor of this.
The second-best solution in my opinion would be to have ``manage.py
startproject`` explicitly write the setting, either as 0o644 or as 0o600.
--
René Fleschenberg
On 12/5/18 9:54 AM, Carlton Gibson wrote:
> *Proposal*: we should change the default for FILE_UPLOAD_PERMISSION to
> 0o644 (or maybe 0o664), and document that as a backward incompatible
> change. This would be correct for almost all users. If you're
> deliberately leveraging `FILE_UPLOAD_PERMISSION = None` it's an easy
> switch back to the current behaviour.
As someone who wasted a couple of hours because of the current behavior,
> change. This would be correct for almost all users. If you're
> deliberately leveraging `FILE_UPLOAD_PERMISSION = None` it's an easy
> switch back to the current behaviour.
I am very much in favor of this.
The second-best solution in my opinion would be to have ``manage.py
startproject`` explicitly write the setting, either as 0o644 or as 0o600.
--
René Fleschenberg
Ira Abbott
Dec 10, 2018, 3:48:01 PM12/10/18
to Django developers (Contributions to Django itself)
I like this solution, as it applies the fix for new things moving forward with no change in
behavior to cause problem for existing tweaked in sites. The most likely
time to run in to this problem is, in my opinion, is when varying platforms or starting fresh
projects. Once settled in to a project/platform combination, minor OS and platform feature
patches, etc. are are unlikely to change behavior.
Reply all
Reply to author
Forward
0 new messages