Re: [Rd] .Rhistory created with wrong permissions (PR#13752)

From: Nicolas Thierry-Mieg <>
Date: Thu, 11 Jun 2009 19:23:37 +0200

Prof Brian Ripley wrote:

> Yes, it is by design, and not R's design at that.
> How (or if) the history is saved is determined by the GUI interface in 
> use.  In this case it appears to be command-line R built with readline 
> support, in which case the saving is done by readline's write_history. 
> And although the manual does not say so, it does open files 
> with pemissions 0600 (and there is no provison to change this).

OK, undocumented feature of a library R links to. Thanks for explaining.

> To claim 'wrong permissions' implies that you 'know for certain' what 
> the permissions should be -- I don't now how you can know them unless 
> you can point to documentation that asserts the correct value as 
> something different.

Woah! No need to get snappy or pedantic. There's no documentation one way or the other, so "wrong" has to be relative to standard procedure. There's no documentation saying R doesn't "rm -rf /" on full moons, but one still expects that it doesn't.

Most programs create files 0666 modified by umask, except if there's a good reason to restrict things.
0666 is also what fopen does when creating a file. Furthermore .RData is created 0666, and I didn't think a user's history was more sensitive than his data, so I thought .Rhistory should be 0666 as well. Paul's answer about passwords clears that up.

OK, I should have written "unusual permissions". And I realize now that I should have posted to r-devel instead of submitting a bug. Sorry for the noise, I'm new to R.

Nicolas Thierry-Mieg

> On Wed, 10 Jun 2009, Paul Gilbert wrote:

>> wrote:
>>> Hi,
>>> This is with a centos 5.3 x86_64 system, using R 2.8.1 (details below).
>>> In a directory where R is invoked, at the end of a session R offers
>>> to "Save workspace image". Replying yes creates/updates at least two
>>> files in the current directory: .Rhistory and .RData.
>>> .Rhistory is created with permissions 0600, therefore it effectively
>>> ignores umask. In particular, .Rhistory cannot be group-readable,
>>> which can be problematic in some environments.
>>> This is not the case for .RData (created 0666, modified by umask as
>>> usual), so I doubt that the .Rhistory permissions are restrictive by
>>> design?
>> I`m not sure, but it may be by design. For example, users sometimes
>> use passwords to connections, which one might not want accidentally
>> recorded in a readable file.
>> Paul
>>> If not, it would be better to create .Rhistory 0666 and let the user
>>> control the actual permissions through umask.
>>> Regards,
>>> Nicolas Thierry-Mieg
<snip> mailing list Received on Fri 12 Jun 2009 - 08:33:11 GMT

Archive maintained by Robert King, hosted by the discipline of statistics at the University of Newcastle, Australia.
Archive generated by hypermail 2.2.0, at Fri 12 Jun 2009 - 13:35:19 GMT.

Mailing list information is available at Please read the posting guide before posting to the list.

list of date sections of archive