There may be a difference between daemons coded in C and Python. In C, it is trivial for the programmer to force fixed mode flags when opening files that may not exist - by supplying the 3rd argument to open() . In Python one would have to drop to OS specific code to do that - in fact I cannot remember the spelling OTTOMH. On Jul 15, 2014 9:35 PM, "Ben Finney" <[email protected]> wrote:
> On 15-Jul-2014, Michael Hrivnak wrote: > > > The summary is that worker daemon processes in celery by default > > will change their umask to 0. Then if they create new files, those > > files will be world-writable. Looking at PEP 3143, it seems that > > python-daemon may also have a default umask of 0. > > Yes, this is a specific mandate from the primary source for standard > Unix daemon behaviour. As cited in PEP 3143, the library follows “Unix > Network Programming”, W. Richard Stevens, 1994 Prentice Hall. Section > 2.6 of that book details the behaviour a properly-behaving Unix daemon > should execute. > > In particular: > > Reset the File Access Creation Mask > > A process inherits its file access creation mask from its parent. > A daemon should execute: > > umask(0); > > to reset this mask. This prevents any files created by the daemon > from having their access bits modified. … > > > Zero is is not a safe or expected default. > > It is the only expected default I know of; the Stevens book is the > canonical source for expected behaviour of Unix daemons, AFAIK. > > > The safe default is for a process to not change its inherited umask > > unless explicitly directed to do so. Having a setting to change it > > is fine, but the default behavior should be "no change". > > That would contradict the standard reference text, as far as I can see. > > > The impact of this behavior is that unless a user knows to > > explicitly set a safe umask on their daemon processes, they could > > end up with world-writable files without realizing it. > > I can modify the documentation to make clear that this is standard > behaviour. Can you suggest wording? > > -- > \ “At my lemonade stand I used to give the first glass away free | > `\ and charge five dollars for the second glass. The refill | > _o__) contained the antidote.” —Emo Philips | > Ben Finney <[email protected]> > > _______________________________________________ > python-daemon-devel mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-daemon-devel > >
_______________________________________________ python-daemon-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-daemon-devel
