Skip to content

Ensure file-based program artifacts are restricted to the current user #48813

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Ensure file-based program artifacts are restricted to the current user #48813

wants to merge 4 commits into from
+50 −1

Conversation

jjonescz
Copy link
Member

@jjonescz jjonescz commented May 5, 2025

No description provided.

@jjonescz jjonescz added the Area-run-file Items related to the "dotnet run <file>" effort label May 5, 2025
@jjonescz jjonescz requested a review from a team May 5, 2025 13:17
This was referenced May 5, 2025
Open
Open
Open
DamianEdwards
DamianEdwards reviewed May 5, 2025
View reviewed changes
src/Cli/dotnet/Commands/Run/VirtualProjectBuildingCommand.cs Outdated
Comment on lines 378 to 379
// The directory might have been created by someone else, set its permissions again to be sure.
new DirectoryInfo(directory).UnixFileMode = mode;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this is a change from what we had previously said right? I thought we'd said we would ensure the permissions were set on creation but not if the directory already existed, given the directory path is derived from the entry-point file path and under our own sub-directory. If this is effectively free perf-wise and we're not concerned about some odd edge case potentially causing this to flip owners on each run, then it's likely fine.

Copy link
Member Author

@jjonescz jjonescz May 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I forgot we said that, makes sense, I will remove this, thanks.

@jjonescz jjonescz marked this pull request as ready for review May 6, 2025 10:24
@jjonescz jjonescz requested a review from a team May 6, 2025 10:24
@jjonescz
Copy link
Member Author

jjonescz commented May 8, 2025
edited
Loading

@dotnet/run-file for reviews, thanks

MiYanni
MiYanni approved these changes May 9, 2025
View reviewed changes
test/dotnet.Tests/CommandTests/Run/RunFileTests.cs Outdated
@@ -807,6 +807,47 @@ public void NoBuild_02()
.And.HaveStdOut("Changed");
}

[Fact]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: We have a LinuxOnlyFact if you want to use that instead. Or a PlatformSpecificFact that takes an or'ed set of platform flags.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't find LinuxOnlyFact actually, but PlatformSpecificFact(TestPlatforms.AnyUnix) looks good, thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DamianEdwards DamianEdwards DamianEdwards left review comments

@MiYanni MiYanni MiYanni approved these changes

Assignees
No one assigned
Labels
Area-run-file Items related to the "dotnet run <file>" effort
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jjonescz @DamianEdwards @MiYanni