The default bug view has changed. See this FAQ.

umask for emails saved as a file are not respecting system umask

RESOLVED FIXED in Thunderbird 22.0

Status

MailNews Core
Backend
RESOLVED FIXED
8 years ago
4 years ago

People

(Reporter: Steve McMillen, Assigned: Magnus Melin)

Tracking

Trunk
Thunderbird 22.0

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20090109 Shiretoko/3.1b3pre
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20090108 Shredder/3.0b2pre

Mac OS 10.5 allows for the default UMask for GUI apps to be changed via a property called NSUmask located in .GlobalPreferences.plist (either in /Library/Preferences for all users or in ~/Library/Preferences for a single user - note below tips on how to set this).

When this is set, applications should set the umask accordingly.  Thunderbird 2.0.19 does correctly respect this value.  Shredder/3.0b2pre does not respect this value and continues to use 022 always as its umask.



Reproducible: Always

Steps to Reproduce:
1. Set the umask on Mac OS 10.5 from default (022) to '002' (allow edit by members of same group - I do this when exporting emails in html format to our web site)
1. Open Shredder/3.0b2pre
2. Select a message either in Mail and Newsgroups window or Message Viewer window and "Save As" a new file.  Either set the output format to html or leave as .eml
3. Observe permissions on file.  

Expected: Permissions are rw-rw-r--
Actual: Permissions are rw-r--r--

Actual Results:  
Actual: Permissions are rw-r--r--

Expected Results:  
Expected: Permissions are rw-rw-r--


In contract, open Thunderbird 2.0.0.19
Perform the same actions (i.e. save an email to file)
In this case, the NSUmask setting in mac OS appears to be respected. The permissions come out to rw-rw-r-- as expected.


Tips about setting Umask on Mac OS X:

These two elements must be added to the .GlobalPreferences.plist (either in /Library/Preferences for all users or in ~/Library/Preferences for a single user - note below tips on how to set this).

	<key>NSUmask</key>
	<string>2</string>

Note: There is misleading info in the mac os x hints.  The doc I found that worked for me is this:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080530.pdf

(Apple's newly updated PDF guide titled Mac OS X: Security Configuration For Version 10.5 Leopard does mention the global variable NSUmask)

This recommends the following command line be used to set the pref:
sudo defaults write /Library/Preferences/.GlobalPreferences NSUmask 2
Component: General → Networking: File
Keywords: regression
Product: Thunderbird → Core
QA Contact: general → networking.file
Version: unspecified → 1.9.1 Branch
(Assignee)

Comment 1

8 years ago
Does firefox respect it, for saving web pages?
(Reporter)

Comment 2

8 years ago
The bug report is about Thunderbird 3.x (Shredder/3.0b2pre).

Shredder/3.0b2pre does not respect the NSUMask for saving Email as HTML (nor does it use the system umask either set in bashrc file).  

2.x versions of Thunderbird do respect this value and write files with the correct permissions.

This is a big problem for me as I often archive email discussions/decisions onto our team web site.

hope this make it more clear.  Sorry.
(Assignee)

Comment 3

8 years ago
Yes I know what you mean, but does *firefox* respect it?
It's probably fallout from our file handling code modernization (code that's shared with firefox)
(Reporter)

Comment 4

8 years ago
The latest Shiretoko/3.1b3pre  does seem to be respecting the value set for NSUMask.  I tried saving a web page using Cmd-S and also right clicking a PDF and saving that to disk.  Permissions came out as rw-rw-r-- (as expected for the NSUmask)

Latest Shredder/3.0b2pre is not.  Saving an email still results in permissions of rw-------

Comment 5

7 years ago
Is this related to 
Bug 533976  - wrong file permissions when saving or detaching attachment  ?
Duplicate of this bug: 676339

Comment 7

6 years ago
Yes, I can reproduce with Earlybird (Mozilla/5.0 (X11; Linux x86_64; rv:7.0a2) Gecko/20110804 Thunderbird/7.0a2). Switching architecture to All.
OS: Mac OS X → All
Hardware: x86 → All

Comment 8

4 years ago
Thunderbird 17.0.2 creates directories with permissions 0775 and files with 0664, even when my umask is 022.

With a umask of 0222, directories should be created with 0755 and files with 0644.

Ubuntu 12.10, x86-64.

Comment 9

4 years ago
These lax permissions leave directories and files open to tampering by anyone in the same group, and so is a security vulnerability!

Comment 10

4 years ago
(In reply to Steve Kelem from comment #8)
> Thunderbird 17.0.2 creates directories with permissions 0775 and files with
> 0664, even when my umask is 022.
> 
> With a umask of 0222, directories should be created with 0755 and files with
> 0644.
> 
> Ubuntu 12.10, x86-64.

0664 seems to come from:
https://mxr.mozilla.org/comm-central/source/mozilla/netwerk/base/src/nsFileStreams.cpp#822

821 NS_IMETHODIMP
822 nsFileOutputStream::Init(nsIFile* file, int32_t ioFlags, int32_t perm,
823                          int32_t behaviorFlags)
824 {
825     NS_ENSURE_TRUE(mFD == nullptr, NS_ERROR_ALREADY_INITIALIZED);
826     NS_ENSURE_TRUE(!mDeferredOpen, NS_ERROR_ALREADY_INITIALIZED);
827 
828     mBehaviorFlags = behaviorFlags;
829 
830     if (ioFlags == -1)
831         ioFlags = PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE;
832     if (perm <= 0)
833         perm = 0664;
834 
835     return MaybeOpen(file, ioFlags, perm,
836                      mBehaviorFlags & nsIFileOutputStream::DEFER_OPEN);
837 }

But I am not sure if this may have something to do with
https://bugzilla.mozilla.org/attachment.cgi?id=467834&action=edit
Bug 533976 - wrong file permissions when saving or detaching attachment
(Assignee)

Updated

4 years ago
Assignee: nobody → mkmelin+mozilla
Component: Networking: File → Backend
Keywords: regression
Product: Core → MailNews Core
(Assignee)

Comment 11

4 years ago
Created attachment 707225 [details] [diff] [review]
proposed fix

We should use 0666 to let the system umask apply. (See 120679.)
Attachment #707225 - Flags: review?(mbanner)
(Assignee)

Updated

4 years ago
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(Assignee)

Comment 12

4 years ago
See bug 120679 that is.
Comment on attachment 707225 [details] [diff] [review]
proposed fix

Yeah looks fine.
Attachment #707225 - Flags: review?(mbanner) → review+
(Assignee)

Comment 14

4 years ago
http://hg.mozilla.org/comm-central/rev/62db600f84f1 -> FIXED
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 22.0
Version: 1.9.1 Branch → Trunk
You need to log in before you can comment on or make changes to this bug.