<p dir="ltr">There may be a difference between daemons coded in C and Python. In C, it is trivial for the programmer to force fixed mode flags when opening files that may not exist - by supplying the 3rd argument to open() . In Python one would have to drop to OS specific code to do that - in fact I cannot remember the spelling OTTOMH.<br>
</p>
<div class="gmail_quote">On Jul 15, 2014 9:35 PM, "Ben Finney" <<a href="mailto:ben%2Bpython@benfinney.id.au">ben+python@benfinney.id.au</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 15-Jul-2014, Michael Hrivnak wrote:<br>
<br>
> The summary is that worker daemon processes in celery by default<br>
> will change their umask to 0. Then if they create new files, those<br>
> files will be world-writable. Looking at PEP 3143, it seems that<br>
> python-daemon may also have a default umask of 0.<br>
<br>
Yes, this is a specific mandate from the primary source for standard<br>
Unix daemon behaviour. As cited in PEP 3143, the library follows “Unix<br>
Network Programming”, W. Richard Stevens, 1994 Prentice Hall. Section<br>
2.6 of that book details the behaviour a properly-behaving Unix daemon<br>
should execute.<br>
<br>
In particular:<br>
<br>
Reset the File Access Creation Mask<br>
<br>
A process inherits its file access creation mask from its parent.<br>
A daemon should execute:<br>
<br>
umask(0);<br>
<br>
to reset this mask. This prevents any files created by the daemon<br>
from having their access bits modified. …<br>
<br>
> Zero is is not a safe or expected default.<br>
<br>
It is the only expected default I know of; the Stevens book is the<br>
canonical source for expected behaviour of Unix daemons, AFAIK.<br>
<br>
> The safe default is for a process to not change its inherited umask<br>
> unless explicitly directed to do so. Having a setting to change it<br>
> is fine, but the default behavior should be "no change".<br>
<br>
That would contradict the standard reference text, as far as I can see.<br>
<br>
> The impact of this behavior is that unless a user knows to<br>
> explicitly set a safe umask on their daemon processes, they could<br>
> end up with world-writable files without realizing it.<br>
<br>
I can modify the documentation to make clear that this is standard<br>
behaviour. Can you suggest wording?<br>
<br>
--<br>
\ “At my lemonade stand I used to give the first glass away free |<br>
`\ and charge five dollars for the second glass. The refill |<br>
_o__) contained the antidote.” —Emo Philips |<br>
Ben Finney <<a href="mailto:ben@benfinney.id.au">ben@benfinney.id.au</a>><br>
<br>_______________________________________________<br>
python-daemon-devel mailing list<br>
<a href="mailto:python-daemon-devel@lists.alioth.debian.org">python-daemon-devel@lists.alioth.debian.org</a><br>
<a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-daemon-devel" target="_blank">http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-daemon-devel</a><br>
<br></blockquote></div>