Skip to content

Fix 1 — Sticky bit check bypass (lines 48-58 and 128-132)#68

Closed
nicolasva wants to merge 1 commit into
ruby:masterfrom
nicolasva:fix_first_tmpdir
Closed

Fix 1 — Sticky bit check bypass (lines 48-58 and 128-132)#68
nicolasva wants to merge 1 commit into
ruby:masterfrom
nicolasva:fix_first_tmpdir

Conversation

@nicolasva

@nicolasva nicolasva commented Mar 17, 2026
edited
Loading

Copy link
Copy Markdown

reference : rails/rails#56997

FIX 1

⏺ Summary

Context

The PR #67 on ruby/tmpdir received feedback from maintainer @rhenium requesting to split it into two separate PRs:

  • Fix 1 — Sticky bit check bypass (configurable via environment variable)
  • Fix 2 — Writability fallback (using stat.writable? when File.writable? fails)

What was done

Extracted Fix 1 only into the local branch fix_first_tmpdir:

lib/tmpdir.rb:

  • Added allow_world_writable? private method that checks the RUBY_TMPDIR_ALLOW_WORLD_WRITABLE environment variable (accepts 1, true, or yes)
  • Modified Dir.tmpdir to accept world-writable directories without sticky bit when the env var is set
  • Modified Dir.mktmpdir to bypass the security check when the env var is set

test/test_tmpdir.rb:

  • Added test_world_writable_allowed_by_env test case covering:
    • Default behavior (rejection without env var)
    • Acceptance with env var set to valid values (1, true, yes, TRUE, Yes)
    • Rejection with invalid values (0, false, no, 2, enabled)
    • mktmpdir working correctly with the env var

Test results

All 11 tests pass with 60 assertions (100% passed).

Copilot AI reviewed Jun 21, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds an opt-in escape hatch to allow using world-writable, non-sticky temp directories (common in some container/Kubernetes setups) by honoring RUBY_TMPDIR_ALLOW_WORLD_WRITABLE, and covers the behavior with a new test.

Changes:

  • Introduce Dir.allow_world_writable? (private) to parse RUBY_TMPDIR_ALLOW_WORLD_WRITABLE.
  • Update Dir.tmpdir to accept world-writable/non-sticky candidates when the env var is enabled.
  • Update Dir.mktmpdir to bypass the parent-directory sticky-bit safety check when the env var is enabled, and add test coverage.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
lib/tmpdir.rb Adds env-var gated bypass for the world-writable/no-sticky checks in tmpdir and mktmpdir.
test/test_tmpdir.rb Adds a test validating default rejection, env-var acceptance, and invalid-value rejection paths.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread lib/tmpdir.rb
Comment on lines +32 to +34
def self.allow_world_writable?
/\A(1|true|yes)\z/i.match?(ENV["RUBY_TMPDIR_ALLOW_WORLD_WRITABLE"])
end
Comment thread test/test_tmpdir.rb
Comment on lines +83 to +86
%w[0 false no 2 enabled].each do |val|
ENV["RUBY_TMPDIR_ALLOW_WORLD_WRITABLE"] = val
assert_not_equal(tmpdir, Dir.tmpdir, "should reject with value #{val.inspect}")
end
@ioquatix

ioquatix commented Jun 21, 2026

Copy link
Copy Markdown
Member

See my comment on #69

@ioquatix ioquatix closed this Jun 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@olleolleolle olleolleolle Awaiting requested review from olleolleolle

@hsbt hsbt Awaiting requested review from hsbt

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nicolasva @ioquatix