On 2002.06.16, Tobias Reif <tobiasreif / pinkjuice.com> wrote:
> Dossy wrote:
> 
> 
> >According to the documentation, you should be doing:
> >
> >    File.new('foo', 'wb', 0600)
> >
> >This is gotten from:
> >
> >    http://www.rubycentral.com/book/ref_c_file.html#File.new
> >
> >    File.new( fileName [, aModeNum [ aPermNum ] ] ) -> file 
> 
> 
> That's what I did first.
> 
> $ ruby -e "File.new('foozer','wb',0600)"
> $ stat foozer
>   File: "foozer"
>   Size: 0               Blocks: 0          Regular File
> Device: 306h/774d       Inode: 374159      Links: 1
> Access: (0644/-rw-r--r--)  Uid: (  501/    tobi)   Gid: (  501/    tobi)
> Access: Sat Jun 15 20:11:15 2002
> Modify: Sat Jun 15 20:11:15 2002
> Change: Sat Jun 15 20:11:15 2002

Neat.  I just tried on 1.6.7 and I got the same thing you did.

This works as a workaround:

File.open("foo", "w+") { |file| file.chmod 0600 }'

But, this isn't suitable where security is important because someone
could grab a filehandle between the time the file is created and the
perms are changed and read the file as it's written.


This bug seems to have been fixed in 1.7.2:

$ umask 022
$ rm -f foo
$ ls -l foo
/bin/ls: foo: No such file or directory
$ ruby -ve 'File.new "foo", "w", 0600'
ruby 1.6.7 (2002-03-19) [i386-linux]
$ ls -l foo
-rw-r--r--    1 dossy    users           0 Jun 15 14:43 foo

$ umask 022
$ rm -f foo
$ ls -l foo
/bin/ls: foo: No such file or directory
$ ruby-1.7.2 -ve 'File.new "foo", "w", 0600'
ruby 1.7.2 (2002-05-30) [i686-linux]
$ ls -l foo
-rw-------    1 dossy    users           0 Jun 15 14:43 foo


-- Dossy

-- 
Dossy Shiobara                       mail: dossy / panoptic.com 
Panoptic Computer Network             web: http://www.panoptic.com/ 
  "He realized the fastest way to change is to laugh at your own
    folly -- then you can let go and quickly move on." (p. 70)