-
Notifications
You must be signed in to change notification settings - Fork 286
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix curl creating download dir in 750 mode #1440
base: main
Are you sure you want to change the base?
Conversation
This seems surprising given that there is |
It seems intentional as it was documented resulting from this discussion: curl/curl#4766 |
Hm, this discussion isn't entirely neutral... The point isn't that umask isn't applied. The point is that curl starts with a more restrictive mode than expected (from common practice), and this is surprising. The world part of umask is rendered useless. Users must explicit call (One might see this is as a security feature... but calling |
That is exactly the point for this PR. We probably have the same opinion on this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At a minimum this needs a test and to remove the --create-dirs
part. The purpose of --create-dirs
is to deal with racy behavior: The right behavior isn't to try to create directories before doing a thing, it's to try to create the file directly, and only if that fails fall back to trying to create directories and the hope is that curl is able to do such behavior.
@@ -786,6 +786,10 @@ namespace vcpkg | |||
} | |||
} | |||
#endif | |||
// Create directory in advance, otherwise curl will create it in 750 mode on unix style file systems. | |||
const auto dir = download_path_part_path.parent_path(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure this is the right thing, there are a lot of edge cases where just chopping off the last path element will do the wrong thing. Consider something like a/b/../out.exe
.
My thought was, if the directory does not exist I know in advance that curl will not create it and fail without passing I still think this is maybe the better option compared to trying to fix directory permissions after the curl call, but if there are any better ideas I'm open to try them. Side note: |
This suggests to fix the download directory being created with 750 mode on unix like systems.
Currently, the downloads directory is not readable by other users. This is inconvenient, e.g., for debugging CI systems, when the build directory is not fully readable. Further, this is an inconsistency to all other directories created by vcpkg (buildtrees, packages, installed, ...). All other directories are created with the default mkdir mode.
I traced the problem down to curl being used with the
--create-dirs
option to create all download directories. Curl always uses mode 750 to create directories as written in the docs.This PR fixes the problem by creating the download directory in advance. I found an other usage of
--create-dirs
in the bulk download code: https://github.com/microsoft/vcpkg-tool/blob/2024-06-10/src/vcpkg/base/downloads.cpp#L481But it seems file system access is not already available there, so maybe waiting for feedback if that solution is valid at all before trying to fix this there.