blackbox icon indicating copy to clipboard operation
blackbox copied to clipboard
verified publisher icon StackExchange

File permissions are not preserved in macOS

Open mig8447 opened this issue 5 years ago • 3 comments

Tested with homebrew blackbox version 1.20181219 (macOS 10.14.4, GPG 2.1) for a file that has 400 permissions. When decrypting, it stores the file as 644.

Even changing the permissions to the .gpg file didn't help, decryption is still giving 644

Related to issue #100

mig8447 avatar Feb 23 '20 17:02 mig8447

This is due to how gpg works, not how blackbox works.

You can control this, somewhat by setting the umask:

export DECRYPT_UMASK=0277

Does that help?

TomOnTime avatar Jun 08 '20 02:06 TomOnTime

tbh, I think the stuff we did around permissions was a design mistake. Adjusting permissions is a layering violation. Permissions should be handled at a different layer.

Cloning the permissions of .gpg doesn't make as much sense as when we originally thought. Git doesn't maintain permissions very well (intentionally). Plus, this could get you into a bad situation: What if you want permissions on the unencrypted file that wouldn't make sense on the encrypted file?

I haven't made any decisions but I'm considering deprecating all permission-related code. Instead, people should run a script afterwords that fixes permissions.

tlimoncelli avatar Apr 27 '21 13:04 tlimoncelli

Based on my testing this morning the unencryption process honors the umask setting in the shell, this is sufficient for my use case.

EDIT: allow me to backpedal on this. I think I I reported bad information. The unencrypted files appear to take the permission of the encrypted file. I had to set the umask before I cloned the repo.

a2f0 avatar Apr 27 '21 13:04 a2f0