-
Notifications
You must be signed in to change notification settings - Fork 305
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bugfix/CopyDir recursive destination check #126
Bugfix/CopyDir recursive destination check #126
Conversation
@@ -32,7 +32,9 @@ protected function copyDir($src, $dst) | |||
if (false === $dir) { | |||
throw new TaskException($this, "Cannot open source directory '" . $src . "'"); | |||
} | |||
@mkdir($dst); | |||
if (!is_dir($dst)) { | |||
mkdir($dst, 0777, true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't 777 a little too much? I think 775 or 755 would be better.
Or check the parent folders permission and inherit them?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did not want to change existing behavior, and 0777 is the default (http://php.net/manual/de/function.mkdir.php).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not like that standard php is secure at all. I think especially in the case of dealing with assets that are usually going into a public webroot it is critical to not set them to 777. This will make it very easy to add malicious files and code into files.
I would propose to set the default to 755 and give the user the option to change it:
->permissions(777)
->run();
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
permissions
option is not very descriptive, could you propose something better?
I agree to provide better option for that, and maybe 755 is a good idea for making it standard.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dirPermissions(), folderPermissions()? chmod()?
I've added the permission feature in #145 :) @DavertMik let me know if you agree to the method name and I'll merge it ASAP. |
Wow, to much updates in the last 24 hours... This PR was solely about the recursive bug in #125 ( @DavertMik : can you comment on my question there as to why the CopyDir task is even needed)? I did not want to break compatibility with existing code. The whole permissions thing is another one (from my point of view) and should be an own PR (so it is clearly visible). If you look at Symfonys Filesystem So if you really want to clean up the permissions thing, you had to make PRs to Symfony for providing the mode or implement those functions in Robo directly (which seems not good, but the CopyDir task already does it, see above). EDIT:
So the permissions should be alright, just did a quick test: $ umask
0022
$ php -r 'mkdir("test1/test2", 0770, true);' && ls -la test1
drwxr-x--- 2 pgasser pgasser 4096 Mar 13 10:10 test2 So maybe just merge this and decide on the permission cleanup in a new PR? |
The default value for new folders is 0777. This can be changed by calling chmod().
Fixes #125 (see there for explanation).
Also added a test to check that files are overwritten.