Doubt about the type of permission when creating folder and file with. mkdir() and.openfile()

Asked

Viewed 38 times

-1

People, at a certain point in my code I am creating a folder (1) in which will be archived photos posted by users and a CSV file (2) in which will be archived the metadata of these images. I’m thinking here about permissions.

So far I’m using the 666 permissions, but I think that would represent a vulnerability, wouldn’t you? It would make life easier for some malicious user who wanted to delete both the file and the folder.

In my specific case, both photos and other data will only be stored and will not be used again (I’m just practicing here and I came up with this doubt). In that case 600 would suffice? This would ensure that the privilege of creating and deleting folders/files would be reserved to root?

And in the case of a system where these photos, once stored, were loaded according to the user, what permissions do you use? 644? That’s not the case yet, but if it were a system that was actually going to run in production, I wouldn’t know what to do in each of these scenarios. Any suggestions?

(1) os.Mkdir(foldername, 0666)

(2) metadataFile, err := os.OpenFile("metadata.csv", os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0666)
linux golang file-permission

1 answer

0

Let’s simplify using only the last 3 values {666}.

you applied {for the user:6, for the group: 6, and for others:6}

what each number means:

  • 0 = no permission;
  • 1 = only execute;
  • 2 = only record;
  • 3 = write and run;
  • 4 = read only;
  • 5 = read and execute;
  • 6 = read and record;
  • 7 = read, write and run.

As brief as possible...

USER owns: with 6 you can read and modify

Let’s say we have the group JACKS-NAILS, all members of this group with 6, can also read and modify the data (folder, file), if I want to present and not allow change, I must then set the value 4.

OTHERS is the such public "file, folder", leave 6... Download, will allow anyone to modify the file or folder.

let’s practice?

package main

import (
    "os"
)

func main() {
    file, _ := os.OpenFile("ninguem_mexe.txt", os.O_CREATE|os.O_WRONLY, 0444)
    file.WriteString("O rato roeu a roupa do rei de roma.")
}

Try a text editor to modify the file "ninguem_mexe.txt" and write.

Obs: is not worth the copy.

Browser other questions tagged linux golang file-permission

You are not signed in. Login or sign up in order to post.