AGWA / git-crypt

Transparent file encryption in git
https://www.agwa.name/projects/git-crypt/
GNU General Public License v3.0
8.32k stars 479 forks source link

encrypted files lose permissions #95

Closed xcolwell closed 8 years ago

xcolwell commented 8 years ago

I've noticed encrypted files don't keep permissions correctly. I haven't yet determined if this is a problem with the commit or the pull. Are permissions supposed to work correctly with git-crypt?

AGWA commented 8 years ago

@xcolwell By "permissions," you only mean the execute bit, correct?

xcolwell commented 8 years ago

My problem is the read bit. For example, I have two keys stored as

-rw-------  1 USER staff 1696 May 25 00:38 XXX.pem
-rw-------  1 USER staff 1692 May 25 00:38 YYY.pem

After a pull and git-crypt unlock the permissions look like

-rw-r--r--  1 USER staff 1696 Sep 12 00:59 XXX.pem
-rw-r--r--  1 USER staff 1692 Sep 12 00:59 YYY.pem
smemsh commented 8 years ago

did you test what git itself does (without git-crypt)? you probably need a post-checkout hook if you want file permissions

AGWA commented 8 years ago

Git only tracks the execute bit, so this is expected and would happen even if you weren't using git-crypt.

If you want Git operations such as git pull, git checkout, and git-crypt unlock to create files with certain permissions, you need to set your umask. For instance, running umask 077 will ensure that files created by Git are not readable or writable by other users.