blob: 5cdefcf09d70a7fad5eafa790571dd0629f17897 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
To make ikiwiki publish world-readable files (usually what you want)
regardless of your umask, you override the `umask` setting to 022
octal (which is 18 in decimal). So far so good.
However, because it's interpreted as a plain number in Perl, the
way you set it varies between formats. In `IkiWiki::Setup::Standard`
you can use either
umask => 022
or (less obviously) one of
umask => 18
umask => "18"
but if you use
umask => "022"
you get the less than helpful umask of 026 octal (22 decimal).
Similarly, in `IkiWiki::Setup::Yaml` (the default for
[ikiwiki-hosting](http://ikiwiki-hosting.branchable.com/)
you have to use one of
umask: 18
umask: "18"
and if you try to say 022 you'll get 22 decimal = 026 octal.
[[!tag patch]]
[[!template id=gitbranch branch=smcv/umask-keywords author="[[smcv]]"]]
Perhaps the best way to solve this would be to have keywords
for the few values of `umask` that are actually useful?
* `private` (= 077 octal = 63 decimal)
* `group` (= 027 octal = 23 decimal)
* `public` (= 022 octal = 18 decimal)
I don't think g+w is a good idea in any case, because as
documented on [[security]], if ikiwiki makes its `srcdir`
group-writeable then any member of the group can "cause
trouble" (escalate privileges to those of the wiki user?)
via a symlink attack. So I don't think we need keywords
for those.
--[[smcv]]
> I support this change, but your git repository does not seem to have
> that branch (or anything) in it today. --[[Joey]]
>> git pushes have a restrictive umask, ironically... fixed. --[[smcv]]
>>> [[done]] --[[Joey]]
|