src/geoipyupdate/__init__.py: respect umask for the database
All python temporary files are created with mode 600, and that
includes the temporary files that we use to download/decompress the
database. When we eventually move the database to its destination, it
retains these permissions and needs to be chmod'ed. This leads to a
race condition where web applications can raise permission errors in
the instant that the database is unreadable.
The solution to this is obvious, we should just respect the umask.
But python makes this very hard to do: the tempfile module ignores the
umask, and you can't obtain the umask without changing it, and
changing it affects other threads... anyway, it can be done, if
carefully. This commit uses os.chmod() on the database file to make it
world readable and group writable, minus whatever permissions the user
has masked.
projects / geoipyupdate.git / commit