Server: File permissions are not synced
Am using Arch Linux for clients, Arch Linux ARM for server(s) and NC 12.0.3.
Steps to reproduce
- Create a file on machine1
- Change its permissions - for example run chmod +x on it
- Let NC sync it
- On machine2 let NC sync, and check the file permissions.
Expected behaviour
File has same permissions on both machines. (not sure if owner:group should also be synced though)
Actual behaviour
Machine one: $ ls -lah ~/Nextcloud/company/Scripty/Install/upload.sh
-rwxr-xr-x 1 c0rn3j c0rn3j 143 Sep 25 16:23 ~/Nextcloud/company/Scripty/Install/upload.sh
Machine two: $ ls -lah ~/Nextcloud/company/Scripty/Install/upload.sh
-rw-r--r-- 1 c0rn3j c0rn3j 143 Sep 25 16:23 ~/Nextcloud/company/Scripty/Install/upload.sh
This breaks my scripts.
C0rn3j
All 4 comments
Yeah this is not possible, otherwise the files would be executable on the server as well, which in itself is a security thread
nickvergessen
on 6 Oct 2017
Is it not possible so "solve" this problem by saving the files permissions into the DB?
mimaoffice
on 23 Dec 2017
As suggested by @mimaoffice the files in Nextclouds data directory don't need to have the permissions. Furthermore, I don't even see a security risk of having +x set for files owned by Nextcloud. You need to already have access to a shell on the server to be able to execute it and +x doesn't escalate your privileges like +s could.
Can this issue be reopened?
rio-
on 1 Apr 2019
Having same issue. I wanted to sync some ssh keys which have folder permission 0700, and file permission 0600. On one machine, I have permissions set properly. On another host that is sync, the permissions were all gone. Every folder is set to 0755, every file is to 0644.
This means my ssh keys are world-readable on all machines except the original machine. That is not very secure. I have to manually change folder/file permissions on all the rest of the machines.
I think Dropbox preserves the folder/file permissions correctly. It would be nice if NC has this feature too.
gengwg
on 1 Sep 2020
Related issues
blackcrack
路
3Comments
e-alfred
路
3Comments
rullzer
路
3Comments
MariusBluem
路
3Comments
MorrisJobke
路
3Comments
Most helpful comment
As suggested by @mimaoffice the files in Nextclouds data directory don't need to have the permissions. Furthermore, I don't even see a security risk of having
+xset for files owned by Nextcloud. You need to already have access to a shell on the server to be able to execute it and+xdoesn't escalate your privileges like+scould.Can this issue be reopened?