airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Timothy O'Keefe (JIRA)" <>
Subject [jira] [Created] (AIRFLOW-1536) DaemonContext use default umask 0
Date Mon, 28 Aug 2017 16:10:00 GMT
Timothy O'Keefe created AIRFLOW-1536:

             Summary: DaemonContext use default umask 0
                 Key: AIRFLOW-1536
             Project: Apache Airflow
          Issue Type: Bug
          Components: cli, security
            Reporter: Timothy O'Keefe

All DaemonContext instances used for worker, scheduler, webserver, flower, etc. do not supply
a umask argument. See here for example:

As a result, the DaemonContext will use the default umask=0 which leaves user data exposed.
A BashOperator for example that writes any files would have permissions rw-rw-rw- as would
any airflow logs.

I believe the umask should be inherited from the parent shell.

This message was sent by Atlassian JIRA

View raw message