You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ umask0022
$ mkdir ~/gotmp &&cd~/gotmp
$ mkdir GOPATH src
$ export GOPATH=${PWD}/GOPATH
$ cd src
$ go mod init testmodulego: creating new go.mod: module testmodule
$ go get github.com/fatih/colorgo: downloading github.com/fatih/color v1.10.0go: github.com/fatih/color upgrade => v1.10.0go: downloading github.com/mattn/go-colorable v0.1.8go: downloading github.com/mattn/go-isatty v0.0.12go: downloading golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae
$ ls -l ../GOPATH/pkg/mod/total 0drwxr-xr-x 4 mseplowitz staff 128 Nov 2 12:56 cache/drwxr-xr-x 4 mseplowitz staff 128 Nov 2 12:56 github.com/drwxr-xr-x 3 mseplowitz staff 96 Nov 2 12:56 golang.org/
$ ls -l ../GOPATH/pkg/mod/github.com/total 0drwxr-xr-x 3 mseplowitz staff 96 Nov 2 12:56 fatih/drwxr-xr-x 4 mseplowitz staff 128 Nov 2 12:56 mattn/
$ ls -l ../GOPATH/pkg/mod/github.com/*../GOPATH/pkg/mod/github.com/fatih:total 0dr-x------ 11 mseplowitz staff 352 Nov 2 12:56 'color@v1.10.0'/../GOPATH/pkg/mod/github.com/mattn:total 0dr-x------ 16 mseplowitz staff 512 Nov 2 12:56 'go-colorable@v0.1.8'/dr-x------ 20 mseplowitz staff 640 Nov 2 12:56 'go-isatty@v0.0.12'/
What did you expect to see?
I'd like the module version root directories (e.g. $GOMODCACHE/github.com/fatih/color@v1.10.0) to have dr-xr-xr-x (555) permissions so that other users can read the cache.
What did you see instead?
The module root directories are only readable by their owner -- they have dr-x------ (500) permissions. The nearby parent/child directories and files are all world-readable, though.
Per @bcmills, this seems like a nearly idential situation to #40895.
The text was updated successfully, but these errors were encountered:
ioutil.TempDir creates directories with 0700 permissions, not the defaults that os.Mkdir would give you. The directory is renamed (moved) as-is into place, so it retains these narrow permissions.
The code in the other branch of if unzipInPlace { ... doesn't have the same problem -- if I set GODEBUG=modcacheunzipinplace=1, I get dr-xr-x-rx / 0555 dirs. Looks like the old code branch was removed entirely in 507a88c, and I can confirm that gotip (go version devel +05e6d28 Mon Nov 2 11:14:49 2020 darwin/amd64) also gives me world-readable directories.
What version of Go are you using (
go version
)?and
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
What did you expect to see?
I'd like the module version root directories (e.g.
$GOMODCACHE/github.com/fatih/color@v1.10.0
) to havedr-xr-xr-x
(555) permissions so that other users can read the cache.What did you see instead?
The module root directories are only readable by their owner -- they have
dr-x------
(500) permissions. The nearby parent/child directories and files are all world-readable, though.Per @bcmills, this seems like a nearly idential situation to #40895.
The text was updated successfully, but these errors were encountered: