Folder permissions get mixed up...
43 views
Skip to first unread message
Ingwie Phoenix
Sep 9, 2014, 9:16:07 PM9/9/14
to nod...@googlegroups.com
Hey list.
I am trying to use the following function for a matter of security in my app:
function doDirs(uid, gid) {
var dirs = [
config.base+"/cache",
config.base+"/cdn/assets",
config.base+"/config"
];
for(var i=0; dirs.length > i; i++) {
var dir = dirs[i];
log.info("BIRD3 Security -> "+dir+"...");
if(!fs.existsSync(dir)) fs.mkdirSync(dir, 755);
if(!fs.writeFileSync(dir+"/.tmp", "o.o")) {
fs.chmodSync(dir, 755);
fs.unlink(dir+"/.tmp", function(){});
}
fs.chownSync(dir, uid, gid);
}
}
However, after this function was executed…
Ingwies-Macbook-Pro:BIRD3 Ingwie$ ls -ald cache/ cdn/assets/ config/
d-wxrw--wt+ 3 Ingwie staff 102 9 Sep 05:08 cache/
d-wxrw--wt+ 4 Ingwie staff 136 9 Sep 05:08 cdn/assets/
d-wxrw--wt+ 6 Ingwie staff 204 9 Sep 05:08 config/
All my read permissions are gone O_o.
What is the correct value to make it: r w x | r - - | r - - ?
This is done before changing to a new user, assigning read/write/execute permissions jsut for this one user, and read-only for the rest…
The full code is found here: http://git.ingwie.me/ingwie/bird3/blob/master/lib/security_handler.js
Kind regards, Ingwie.
I am trying to use the following function for a matter of security in my app:
function doDirs(uid, gid) {
var dirs = [
config.base+"/cache",
config.base+"/cdn/assets",
config.base+"/config"
];
for(var i=0; dirs.length > i; i++) {
var dir = dirs[i];
log.info("BIRD3 Security -> "+dir+"...");
if(!fs.existsSync(dir)) fs.mkdirSync(dir, 755);
if(!fs.writeFileSync(dir+"/.tmp", "o.o")) {
fs.chmodSync(dir, 755);
fs.unlink(dir+"/.tmp", function(){});
}
fs.chownSync(dir, uid, gid);
}
}
However, after this function was executed…
Ingwies-Macbook-Pro:BIRD3 Ingwie$ ls -ald cache/ cdn/assets/ config/
d-wxrw--wt+ 3 Ingwie staff 102 9 Sep 05:08 cache/
d-wxrw--wt+ 4 Ingwie staff 136 9 Sep 05:08 cdn/assets/
d-wxrw--wt+ 6 Ingwie staff 204 9 Sep 05:08 config/
All my read permissions are gone O_o.
What is the correct value to make it: r w x | r - - | r - - ?
This is done before changing to a new user, assigning read/write/execute permissions jsut for this one user, and read-only for the rest…
The full code is found here: http://git.ingwie.me/ingwie/bird3/blob/master/lib/security_handler.js
Kind regards, Ingwie.
Jimb Esser
Sep 10, 2014, 7:11:29 PM9/10/14
to nod...@googlegroups.com
The correct value for rwx/r-x/r-x, as an integer, is 493. That's the decimal number representation of the octal number 755. You can pass the string '755' which node kindly, if confusingly, interprets as octal instead of decimal when you pass a string to chmod, or 0755, the C-language-and-descendants way of writing an octal number, or, to be most explicit and least likely to confuse your future self, parseInt('755', 8).
Ryan Schmidt
Sep 10, 2014, 7:56:15 PM9/10/14
to nod...@googlegroups.com
On Sep 8, 2014, at 10:13 PM, Ingwie Phoenix wrote:
>
> I am trying to use the following function for a matter of security in my app:
>
> function doDirs(uid, gid) {
> var dirs = [
> config.base+"/cache",
> config.base+"/cdn/assets",
> config.base+"/config"
> ];
> for(var i=0; dirs.length > i; i++) {
> var dir = dirs[i];
> log.info("BIRD3 Security -> "+dir+"...");
> if(!fs.existsSync(dir)) fs.mkdirSync(dir, 755);
> if(!fs.writeFileSync(dir+"/.tmp", "o.o")) {
> fs.chmodSync(dir, 755);
> fs.unlink(dir+"/.tmp", function(){});
> }
> fs.chownSync(dir, uid, gid);
> }
> }
>
>
> Ingwies-Macbook-Pro:BIRD3 Ingwie$ ls -ald cache/ cdn/assets/ config/
> d-wxrw--wt+ 3 Ingwie staff 102 9 Sep 05:08 cache/
> d-wxrw--wt+ 4 Ingwie staff 136 9 Sep 05:08 cdn/assets/
> d-wxrw--wt+ 6 Ingwie staff 204 9 Sep 05:08 config/
>
> All my read permissions are gone O_o.
>
> What is the correct value to make it: r w x | r - - | r - - ?
>
> This is done before changing to a new user, assigning read/write/execute permissions jsut for this one user, and read-only for the rest...
> Ingwies-Macbook-Pro:BIRD3 Ingwie$ ls -ald cache/ cdn/assets/ config/
> d-wxrw--wt+ 3 Ingwie staff 102 9 Sep 05:08 cache/
> d-wxrw--wt+ 4 Ingwie staff 136 9 Sep 05:08 cdn/assets/
> d-wxrw--wt+ 6 Ingwie staff 204 9 Sep 05:08 config/
>
> All my read permissions are gone O_o.
>
> What is the correct value to make it: r w x | r - - | r - - ?
>
>
> The full code is found here: http://git.ingwie.me/ingwie/bird3/blob/master/lib/security_handler.js
Specify the mode as 0755, not 755. Permissions are specified in octal notation, not decimal.
> The full code is found here: http://git.ingwie.me/ingwie/bird3/blob/master/lib/security_handler.js
Reply all
Reply to author
Forward
0 new messages