Fixed critical issues with incorrect permissions set on files the db has written - it was only rw-- for the user that wrote them, but should be readable by everyone by default

Byron · Byron · commit d3a0037dd5a1 · 2010-06-24T15:28:22.000+02:00
diff --git a/db/loose.py b/db/loose.py
@@ -28,6 +28,7 @@
 		to_hex_sha,
 		hex_to_bin,
 		exists,
+		chmod,
 		isdir,
 		mkdir,
 		rename,
@@ -199,6 +200,10 @@ def store(self, istream):
 				mkdir(obj_dir)
 			# END handle destination directory
 			rename(tmp_path, obj_path)
+			
+			# make sure its readable for all ! It started out as rw-- tmp file
+			# but needs to be rrr
+			chmod(obj_path, 0444)
 		# END handle dry_run
 		
 		istream.sha = hexsha
diff --git a/util.py b/util.py
@@ -54,6 +54,7 @@ def unpack_from(fmt, data, offset=0):
 # os shortcuts
 exists = os.path.exists
 mkdir = os.mkdir
+chmod = os.chmod
 isdir = os.path.isdir
 rename = os.rename
 dirname = os.path.dirname
@@ -291,6 +292,9 @@ def _end_writing(self, successful=True):
 				# END remove if exists
 			# END win32 special handling
 			os.rename(lockfile, self._filepath)
+			
+			# assure others can at least read the file - the tmpfile left it at rw--
+			chmod(self._filepath, 0444)
 		else:
 			# just delete the file so far, we failed
 			os.remove(lockfile)
