Files get created with their original mode and only chmodded later. If say the source file is 644 and the install command was invoked with -m 700, then there is a time window where the file can be opened by others whey should not be able to do it. gnu coreutils install makes sure to start with a 0600 file first preventing the problem.
Files get created with their original mode and only chmodded later. If say the source file is 644 and the install command was invoked with
-m 700
, then there is a time window where the file can be opened by others whey should not be able to do it. gnu coreutils install makes sure to start with a 0600 file first preventing the problem.How to repro:
strace on the gnu coreutils variant:
The file is now 0600, also note O_EXCL.
In contrast strace of the rust variant:
Side note but notice excessive statx calls.
The file is now 644, anyone with access to the directory can open it.
What is this fchmod doing?
This should be fchmod on the fd. Interestingly gnu install rolls with a path-based variant as well.
Looks like the trouble stems from std::fs::copy.