I guess its a little out of core scope here, nobody responded so I did more guesswork and figured out a few things. If anyone could validate them or suggest any thoughts I'd appreciate it.
1.) Rails seems to have nothing to do with the permissions, maye the ruby module somehow defaults itself? 2.) It seems that whatever you do with linux file permissions for your user, if they can write, the file shows up as -rw-rw-rw 3.) You can write this single line before opening or writing to file: File.umask(077) This seems to set the umask for the rest of the file manipulations. 4.) I haven't tested it, but I would suspect if you ran this line in your enviornment.rb it would probably stick and the permissions would stay that way until you change them? I suspect that the permissions default rw-rw-rw as they do because usually there is some sort of web server, apache, IIS, etc that should be used to render the files, and often that web server isn't running in the same process or user as mongrel/rails. I think this is sensible, but when data is sensitive and you have more then one user for the server you don't want to give the world read permissions to the apache, the world, etc. Maybe a lot of developers don't want to think about users and permissions, but for security standards and awareness I think that this should be at least mentioned in the configuration.... especially on a shared hosting account, world writable, scary! -Josh On Jun 9, 7:47 pm, Josh <[email protected]> wrote: > I am running rails on mongrel with RHEL5 and I have a curious issue > with the file permissions set when I upload a file and store it to my > uploads storage folder. I have the uploads storate folder set to > drwx------ owned by my user who is running mongrel. When the files get > written they come out -rw-rw-rw. I am aware the file.write is a ruby > module (which is what I am using to write) but I can't seem to find > anywhere how it ends up -rw-rw-rw and not just the default folder > permission or umask ... I even set my user's umask to 077 in /etc/ > bashrc before I started mongrel, and still, after an upload -rw-rw- > rw ... It could be a system issue, but I figured I'd ask. I am also > aware that I can follow my file.write up with a umask or chmod, but I > thought to check with the community to see if there was a place where > I can just default all file writing to -rw------ ... it seems safest > to default to this, especially in a shared server environment. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
