From a711ec1dedf3a6f397f49294fbe5aa954991e787 Mon Sep 17 00:00:00 2001
From: Micah Lee <micah@micahflee.com>
Date: Thu, 10 Jun 2021 14:41:26 -0700
Subject: [PATCH] Make the temp directories world-readable so that docker
 containers can access them regardless of which user created them

---
 dangerzone/common.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/dangerzone/common.py b/dangerzone/common.py
index d50a51f..d8630d6 100644
--- a/dangerzone/common.py
+++ b/dangerzone/common.py
@@ -1,4 +1,5 @@
 import os
+import stat
 import platform
 import tempfile
 
@@ -30,6 +31,20 @@ class Common(object):
                 prefix=os.path.join(cache_dir, "safe-")
             )
 
+            # Make the folders world-readable to ensure that the container has permission
+            # to access it even if it's owned by root or someone else
+            permissions = (
+                stat.S_IRUSR
+                | stat.S_IWUSR
+                | stat.S_IXUSR
+                | stat.S_IRGRP
+                | stat.S_IXGRP
+                | stat.S_IROTH
+                | stat.S_IXOTH
+            )
+            os.chmod(self.pixel_dir.name, permissions)
+            os.chmod(self.safe_dir.name, permissions)
+
         # Name of input and out files
         self.document_filename = None
         self.save_filename = None