I have reviewed cloned git projects and found that files have -rw-r--r-- permissions. It means any user on the system can read project files. Of course, it depends on folder permissions, but on some systems nobody and all other users can read projects.
Any suggestions if there is a fix for this issue? Why does it happen?
For example, this works:
sudo -u nobody cat /projects/project1/file1
It's not broken and there is nothing here to fix: this is how permissions are supposed to work on Unix/Linux systems.
Programs, including Git, generally create new files with mode 0666 (rw-rw-rw-) unless they're meant to be executable; if they are meant to be executable, they create the new files with mode 0777 (rwxrwxrwx). For directories, which must be executable for processes to chdir into them or otherwise operate within them, programs call the mkdir system call with permissions 0777 (rwxrwxrwx).
Files don't actually get created with these permissions unless the current process has its umask set to 0. The umask, which is per-process and inherited in the same fashion as the current working directory, is a mask of bits that the operating system should clear before actually creating a new file or directory. The default umask for a typical user in a typical setup is 022: this takes away ----w--w- permissions, so that newly created directories wind up having mode 0755 (rwxr-xr-x) and newly created non-executable files have mode 0644 (rw-r--r--).
Setting the umask to 077 takes away ---rwxrwx, so that newly created directories have mode 0700 or rwx------ and newly created non-executable files have mode 0600 or rw-------. Newly created executable files have mode 0700 or rwx------ since the process that called for their creation supplied 0777 as the mode, and 0777 masked with ~077 is 0700.
Git uses these same conventions on Unix and Unix-like systems. This isn't a Git thing, it's an OS thing. Note that this simple, easily-understood scheme does not work with complicated things like Access Control Lists (ACLs). Some use this to argue that the complicated things should not exist (and there is something to that argument). The idea of "other" access to files in the first place perhaps should have been removed, since "group"—if groups could be arbitrarily created as needed—would cover such uses.
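The umask arithmetic from this answer, as an added example that is not part of the original post: it creates a file, an executable and a directory with the requested modes 0666/0777/0777 under a chosen umask and reports what the kernel assigned. The file names and the `world_readable` helper are constructed for illustration; the helper is there because the umask only affects newly created entries, so an existing clone has to be checked separately.

```python
import os
import stat
import tempfile


def create_under_umask(mask):
    """Create a plain file, an executable file and a directory the way most
    programs do (requesting 0666, 0777 and 0777) and return the permission
    bits the kernel actually assigned under the given umask."""
    old = os.umask(mask)  # per-process setting; restored in the finally block
    try:
        with tempfile.TemporaryDirectory() as tmp:
            plain = os.path.join(tmp, "file1")    # constructed sample names
            exe = os.path.join(tmp, "script")
            sub = os.path.join(tmp, "subdir")
            os.close(os.open(plain, os.O_CREAT | os.O_WRONLY, 0o666))
            os.close(os.open(exe, os.O_CREAT | os.O_WRONLY, 0o777))
            os.mkdir(sub, 0o777)
            paths = {"file": plain, "exe": exe, "dir": sub}
            return {k: os.stat(p).st_mode & 0o777 for k, p in paths.items()}
    finally:
        os.umask(old)


def world_readable(root):
    """List entries under root that carry the 'other' read bit. The umask
    only applies at creation time, so an existing clone keeps its old modes
    and has to be audited (and chmod-ed) separately."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISLNK(mode) and mode & stat.S_IROTH:
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    for mask in (0o000, 0o022, 0o077):
        modes = create_under_umask(mask)
        print(f"umask {mask:03o}:", {k: f"{m:04o}" for k, m in modes.items()})
```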