On 1/27/20 12:59 PM, Matthias Koeppe wrote: > > In my opinion, it should set these permissions when it creates the > DOT_SAGE directory > for the first time (similar to how permissions of files like > ~/.python_history or ~/.bash_history are set), but not adjust them if > the directory already exists. It would be appropriate to write out a > warning though if they are more permissive than rwx------. >
This is the right way to do it. The user/system already has UMASK set to something generally acceptable. When you create a sensitive file, you mask more permission bits, create the file, and then revert the umask. After that, you leave everything alone. If there are any sensitive plain-text credentials created by Sage and stored under ~/.sage, then a warning for those would be OK, but otherwise a warning about something the user did on purpose is just going to get on everyone's nerves. -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/3e28ee83-9b75-5ace-721a-57e9d3d9929f%40orlitzky.com.
