Wrong permissions for datadir and walletdir #15902

1. 
   hebasto commented at 4:44 pm on April 26, 2019: member

   On my Linux Mint 19.1:

   0$ umask
   10022
   

   After the first run of bitcoin-qt -sysperm=false the 0700 permissions are expected for both the datadir (~/.bitcoin) and the walletdir (~/.bitcoin/wallets).

   Actually, the directories are created with such access permissions:

   0$ stat ~/.bitcoin | grep Uid
   1Access: (0755/drwxr-xr-x)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
   2$ stat ~/.bitcoin/wallets | grep Uid
   3Access: (0755/drwxr-xr-x)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
   

   Refs:

   • #4286
   • #13371
   • #13389

   NOTE: reading through the initial PR #4286 makes me think it was controversial. Is it a better and simpler way to just get rid of -sysperm option? I believe a user who needs this option can easily run chown command.

2. laanwj added the label Utils/log/libs on May 2, 2019
3. 
   Kixunil commented at 12:26 pm on September 24, 2019: none

   I’d suggest these changes:

   • Wallets and block files are created with different permissions
   • Introduce -walletperms option to change the default (600) to whatever user wants.
   • Create block files with 644, the user can restrict it with umask

   It solves this problem: running electr (needs to access blocks to be efficient) Eclair (needs wallet) and bitcoind under a different user. Currently one needs to give up efficiency or security.

   I’m willing to do PR if you don’t see any important problem with my suggestion.

4. 
   hebasto commented at 2:41 pm on October 13, 2019: member

   Also: comment by @laanwj.
5. fanquake closed this on Feb 7, 2023

   ---

6. bitcoin locked this on Feb 7, 2024

Contributors
hebasto Kixunil

Labels
Utils/log/libs