From 28b5d80d8d1746d2e33fb3cf49f3087521264b80 Mon Sep 17 00:00:00 2001 From: Ian Lance Taylor Date: Thu, 11 Apr 2024 15:10:47 -0700 Subject: [PATCH] os: document file mode of temporary files Fixes #66784 Change-Id: Ifd17e0830e04e7028d8a876c6c12c496f5167887 Reviewed-on: https://go-review.googlesource.com/c/go/+/578395 Auto-Submit: Ian Lance Taylor Reviewed-by: Damien Neil Reviewed-by: Alan Donovan LUCI-TryBot-Result: Go LUCI --- src/os/tempfile.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/os/tempfile.go b/src/os/tempfile.go index 5ccc006296..af70b360b3 100644 --- a/src/os/tempfile.go +++ b/src/os/tempfile.go @@ -27,6 +27,7 @@ func nextRandom() string { // opens the file for reading and writing, and returns the resulting file. // The filename is generated by taking pattern and adding a random string to the end. // If pattern includes a "*", the random string replaces the last "*". +// The file is created with mode 0o600 (before umask). // If dir is the empty string, CreateTemp uses the default directory for temporary files, as returned by [TempDir]. // Multiple programs or goroutines calling CreateTemp simultaneously will not choose the same file. // The caller can use the file's Name method to find the pathname of the file. @@ -78,6 +79,7 @@ func prefixAndSuffix(pattern string) (prefix, suffix string, err error) { // and returns the pathname of the new directory. // The new directory's name is generated by adding a random string to the end of pattern. // If pattern includes a "*", the random string replaces the last "*" instead. +// The directory is created with mode 0o700 (before umask). // If dir is the empty string, MkdirTemp uses the default directory for temporary files, as returned by TempDir. // Multiple programs or goroutines calling MkdirTemp simultaneously will not choose the same directory. // It is the caller's responsibility to remove the directory when it is no longer needed. -- 2.50.0