Skip to content

Ensure file-based program artifacts are restricted to the current user#48813

Merged
jjonescz merged 5 commits intodotnet:mainfrom
jjonescz:sprint-artifacts
May 15, 2025
Merged

Ensure file-based program artifacts are restricted to the current user#48813
jjonescz merged 5 commits intodotnet:mainfrom
jjonescz:sprint-artifacts

Conversation

@jjonescz
Copy link
Member

@jjonescz jjonescz commented May 5, 2025

No description provided.

@jjonescz jjonescz added the Area-run-file Items related to the "dotnet run <file>" effort label May 5, 2025
@jjonescz jjonescz requested a review from a team May 5, 2025 13:17
This was referenced May 5, 2025
Closed
Open
Closed
DamianEdwards
DamianEdwards reviewed May 5, 2025
View reviewed changes
src/Cli/dotnet/Commands/Run/VirtualProjectBuildingCommand.cs Outdated
Comment on lines 378 to 379
// The directory might have been created by someone else, set its permissions again to be sure.
new DirectoryInfo(directory).UnixFileMode = mode;
Copy link
Member

@DamianEdwards DamianEdwards May 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this is a change from what we had previously said right? I thought we'd said we would ensure the permissions were set on creation but not if the directory already existed, given the directory path is derived from the entry-point file path and under our own sub-directory. If this is effectively free perf-wise and we're not concerned about some odd edge case potentially causing this to flip owners on each run, then it's likely fine.

Copy link
Member Author

@jjonescz jjonescz May 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I forgot we said that, makes sense, I will remove this, thanks.

@jjonescz jjonescz marked this pull request as ready for review May 6, 2025 10:24
@jjonescz jjonescz requested a review from a team May 6, 2025 10:24
@jjonescz
Copy link
Member Author

jjonescz commented May 8, 2025
edited
Loading

@dotnet/run-file for reviews, thanks

MiYanni
MiYanni approved these changes May 9, 2025
View reviewed changes
test/dotnet.Tests/CommandTests/Run/RunFileTests.cs Outdated
.And.HaveStdOut("Changed");
}

[Fact]
Copy link
Member

@MiYanni MiYanni May 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: We have a LinuxOnlyFact if you want to use that instead. Or a PlatformSpecificFact that takes an or'ed set of platform flags.

Copy link
Member Author

@jjonescz jjonescz May 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't find LinuxOnlyFact actually, but PlatformSpecificFact(TestPlatforms.AnyUnix) looks good, thanks.

@jjonescz jjonescz requested review from a team, RikkiGibson and chsienki May 14, 2025 09:23
@jjonescz
Copy link
Member Author

jjonescz commented May 15, 2025

@chsienki for a review, thanks

@jjonescz jjonescz merged commit 4c91ca3 into dotnet:main May 15, 2025
30 checks passed
@jjonescz jjonescz deleted the sprint-artifacts branch May 15, 2025 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DamianEdwards DamianEdwards DamianEdwards left review comments

@RikkiGibson RikkiGibson RikkiGibson approved these changes

@chsienki chsienki chsienki approved these changes

@MiYanni MiYanni MiYanni approved these changes

Assignees

No one assigned

Labels

Area-run-file Items related to the "dotnet run <file>" effort

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jjonescz @DamianEdwards @RikkiGibson @chsienki @MiYanni