michael-o commented on pull request #382: URL: https://github.com/apache/tomcat/pull/382#issuecomment-737353972
> > OK, my slight counter proposal is not to use rw-rw-rw- as default, but rw-rw---- because this would reflect the default umask of 027, i.e., not to create anything world readable. For those who need more permissions, they can supply a custom string.
>
> The problem with this is that it makes the default behaviour between Windows and Unix inconsistent, and this is likely to cause headaches for people who either don't read the docs properly, or read a response on Stack Overflow aimed at Unix people and use it thinking it also applies to Windows.

While I agree here, you cannot really achieve consistency due to two completely diametral approaches in both OS types. I wouldn't try to achieve it, as sad as it sounds.

> Setting a default on Windows is itself hard - Windows doesn't have a concept of a "primary group" like POSIX, but the possibility of zero or more users and/or groups that have access to a file or directory. There is no practical default behaviour for any of that, which is why Java itself doesn't try. Java gives you "access to owner" and "access to everyone", and that's it. "Access to owner" is the same as "no UDS support", that leaves just "access to everyone, protect me by protecting my parent directory".

I know it is hard, maybe we should not try at all? I believe that it will take quite some time to be picked up by Windows users at all.

> > I also do understand that localhost is open for everyone on that box, but isn't that the whole point of UDS to have more control over the socket?
>
> Yes - and the simplest way to protect a socket is to put it in a suitably protected directory. You don't have to protect the socket file itself, just make it impossible for the file to be seen by making its parent directory inaccessible.
>
> I am very mindful of decisions made now being difficult to change down the line. Adding new behaviour in future is easy, but changing existing behaviour (like a default) is a headache for all concerned.

Agree!
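The parent-directory approach discussed in this thread, as an added example (not code from the pull request or from Tomcat): it uses the JDK 16+ `UnixDomainSocketAddress` API rather than Tomcat's connector, and the class name, `bindProtected` and the `app.sock` file name are hypothetical. The permission strings are the same nine-character form quoted in the comment.

```java
import java.io.IOException;
import java.net.StandardProtocolFamily;
import java.net.UnixDomainSocketAddress;
import java.nio.channels.ServerSocketChannel;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermissions;

public class ProtectedUdsExample {
    // Binds "app.sock" (hypothetical name) inside a fresh private directory under base.
    static ServerSocketChannel bindProtected(Path base, String socketPerms) throws IOException {
        boolean posix = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
        Path dir;
        if (posix) {
            // Create the directory owner-only from the start, so there is no
            // window in which another local user can traverse it.
            dir = Files.createTempDirectory(base, "uds-",
                    PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------")));
        } else {
            // No POSIX attribute view (e.g. Windows): the new directory inherits
            // the ACL of base, so base must already be restricted by the operator.
            dir = Files.createTempDirectory(base, "uds-");
        }
        Path socket = dir.resolve("app.sock");
        ServerSocketChannel server = ServerSocketChannel.open(StandardProtocolFamily.UNIX);
        server.bind(UnixDomainSocketAddress.of(socket));
        if (posix) {
            // bind() creates the socket file with umask-derived permissions; the
            // private parent directory covers the gap until this explicit mode is set.
            Files.setPosixFilePermissions(socket, PosixFilePermissions.fromString(socketPerms));
        }
        return server;
    }

    public static void main(String[] args) throws IOException {
        Path base = Path.of(System.getProperty("java.io.tmpdir"));
        ServerSocketChannel server = bindProtected(base, "rw-rw----");
        Path socket = ((UnixDomainSocketAddress) server.getLocalAddress()).getPath();
        try {
            System.out.println("listening on " + socket);
        } finally {
            // Closing the channel does not remove the socket file; clean up explicitly.
            server.close();
            Files.deleteIfExists(socket);
            Files.deleteIfExists(socket.getParent());
        }
    }
}
```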