Draft: community/php8: initd umask fix (!15206) · Merge requests · alpine / aports

Steve Parris requested to merge Bluemax/aports:php8-initd-umask-fix into master Dec 03, 2020

Processes in user groups like www-data might create and share common files (like /dev/shm or sockets) that need to be read/write accessible in the group (mode_t 660). The effective file permission of O_CREAT is evaluated by mode & ~umask. That means, even if a process tries to create a file with 660 permission it will be downgraded to 640 as the default process umask is 0022. This patch will set the process umask to 0002 (that will only remove o+w permission).

Common tools like fcgiwrap or nginx are prepared in the same way already (umask 0002 or lower).

Edited Feb 09, 2021 by Andy Postnikov

Draft: community/php8: initd umask fix

Merge request reports