gtfs-validator icon indicating copy to clipboard operation
gtfs-validator copied to clipboard

Published 20 hours ago verified publisher icon MobilityData

Best practice: Files within the zip file should at least have readable permissions

Open markstos opened this issue 2 years ago • 2 comments

Describe the problem

The ZIP file format preserves file permissions, but the GTFS spec is currently silent on what they should be. Normally, the *.txt files within the zip have at least readable permissions, but often writable as well-- useful if you need to pre-process the zip file in place after downloading it.

It's valid to publish a ZIP file where there is no permission to read the files it contains. For example, here's the ls output of such a zip file:

      406      0 drwxr-xr-x   2 mark     mark          280 May 22 14:01 .
      417      4 ----------   1 mark     mark          292 Apr 26 00:16 ./feed_info.txt
      416      4 ----------   1 mark     mark          350 Apr 26 00:16 ./directions.txt
      415      4 ----------   1 mark     mark           89 Apr 26 00:16 ./realtime_routes.txt
      414      4 ----------   1 mark     mark           57 Apr 26 00:16 ./calendar_attributes.txt
      413    268 ----------   1 mark     mark       272141 Apr 26 00:16 ./shapes.txt
      412      4 ----------   1 mark     mark          156 Apr 26 00:16 ./calendar.txt
      411    304 ----------   1 mark     mark       309381 Apr 26 00:16 ./stop_times.txt
      410     12 ----------   1 mark     mark        11132 Apr 26 00:16 ./trips.txt
      409      4 ----------   1 mark     mark          815 Apr 26 00:16 ./routes.txt
      408     16 ----------   1 mark     mark        14618 Apr 26 00:16 ./stops.txt
      407      4 ----------   1 mark     mark          245 Apr 26 00:16 ./agency.txt

Notice the complete lack of permissions on the files!

Describe the new validation rule

IF file permissions on any *.txt file are are missing user "read" permission: issue a file format notice.

Sample GTFS datasets

wilsonville-or-us.zip

Severity

INFO

Additional context

I'd also like this point clarified in the GTFS spec and am pursuing that separately.

My company /does/ filter the feeds in place, so a least for us having permission to edit & replace the .txt files is also helpful, but I also realize the GTFS format is generally considered read- so adding a "write" permission within the file may seem odd.

markstos avatar May 22 '23 19:05 markstos

Hi @markstos! After following your investigation of file permissions in your original spec proposal, it looks like this proposal was dropped. Do you still propose it as a change on the GTFS Validator?

emmambd avatar Jan 09 '24 21:01 emmambd

I think it's worthy of an warning but not an error. You may run into problems with some tools if the files within the zip are not readable.

On the other hand, if I'm the only one flagging the issue, the impact may not be widespread at all, making it a low priority change.

markstos avatar Jan 10 '24 13:01 markstos