Commit 1659c3b8 authored by Robert Speicher's avatar Robert Speicher

Merge branch 'explain-0600' into 'master'

Explain the extra chmod

There is confusion about what passing `0600` to File.open does.

```
$ touch /tmp/foobar
$ ls -l /tmp/foobar
-rw-r--r--  1 jacobvosmaer  wheel  0 Sep 26 14:20 /tmp/foobar
$ ruby -e 'File.open("/tmp/foobar", "w", 0600)'
$ ls -l /tmp/foobar
-rw-r--r--  1 jacobvosmaer  wheel  0 Sep 26 14:20 /tmp/foobar
$ 
$ 
$ rm /tmp/foobar
$ ruby -e 'File.open("/tmp/foobar", "w", 0600)'
$ ls -l /tmp/foobar
-rw-------  1 jacobvosmaer  wheel  0 Sep 26 14:21 /tmp/foobar
```

See merge request !6523
parents 4ce9a783 05745737
...@@ -111,7 +111,7 @@ module Gitlab ...@@ -111,7 +111,7 @@ module Gitlab
def write_secret def write_secret
bytes = SecureRandom.random_bytes(SECRET_LENGTH) bytes = SecureRandom.random_bytes(SECRET_LENGTH)
File.open(secret_path, 'w:BINARY', 0600) do |f| File.open(secret_path, 'w:BINARY', 0600) do |f|
f.chmod(0600) f.chmod(0600) # If the file already existed, the '0600' passed to 'open' above was a no-op.
f.write(Base64.strict_encode64(bytes)) f.write(Base64.strict_encode64(bytes))
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment