This project is archived and is in readonly mode.
atomic_write is not completely atomic
Reported by Dominique Brezinski | July 19th, 2010 @ 11:22 PM
In activesupport/lib/active_support/core_ext/file/atomic.rb, the chown and chmod should be done on temp_file before the mv, otherwise the file metadata will be inconsistent for a window of time after the mv. mv will carry the file ownership and permissions from temp_file, therefore it is best to set the ownership and permissions on temp_file first.
This:
# Overwrite original file with temp file
FileUtils.mv(temp_file.path, file_name)
# Set correct permissions on new file
chown(old_stat.uid, old_stat.gid, file_name)
chmod(old_stat.mode, file_name)
Should be:
# Set correct permissions on new file
chown(old_stat.uid, old_stat.gid, temp_file)
chmod(old_stat.mode, temp_file)
# Overwrite original file with temp file
FileUtils.mv(temp_file.path, file_name)
Comments and changes to this ticket
-
Santiago Pastorino February 2nd, 2011 @ 04:51 PM
- State changed from new to open
This issue has been automatically marked as stale because it has not been commented on for at least three months.
The resources of the Rails core team are limited, and so we are asking for your help. If you can still reproduce this error on the 3-0-stable branch or on master, please reply with all of the information you have about it and add "[state:open]" to your comment. This will reopen the ticket for review. Likewise, if you feel that this is a very important feature for Rails to include, please reply with your explanation so we can consider it.
Thank you for all your contributions, and we hope you will understand this step to focus our efforts where they are most helpful.
-
Santiago Pastorino February 2nd, 2011 @ 04:51 PM
- State changed from open to stale
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>