Why does sftp-client create new local files with the remote file permissions when preserve_flag it NOT specified?

Damien Miller djm at mindrot.org
Sun Aug 23 18:18:37 AEST 2020

On Fri, 21 Aug 2020, Matthew Sienkiewicz wrote:

> Fantastic Friday All, 
> I was tracking down a problem with SFTP retrieved files having
> unexpected file permissions.
> The remote file permissions were 0070.  
> The local file did not exist before the transfer request.
> The local account had a umask of 0022.
> The local file permissions after the transfer were 0250.

This is because the sftp protocol has no notion of a user's umask - all
permissions are passed explicitly in the protocol, so it has to pick a
default. The default we chose was the permissions of the origin file.

An alternative might be to implement the notion of a umask in the client,
but I think the current behaviour should stay as default for safety and
backwards conmpatibility.


More information about the openssh-unix-dev mailing list