Add optional state file permissions

Before this commit, it was possible that the puma.state file would be world readable which may not be desirable in production environments. This introduces a new optional configuration option to set desired state file permissions.

History.md

@@ -49,6 +49,9 @@
   * JSON parse cluster worker stats instead of regex (#2124)
   * Support parallel tests in verbose progress reporting (#2223)
 
+* Security
+  * New configuration option to set state file permissions (#2238)
+
 ## 4.3.3 and 3.12.4 / 2020-02-28
 
 * Bugfixes

lib/puma/dsl.rb

@@ -399,6 +399,14 @@ def state_path(path)
       @options[:state] = path.to_s
     end
 
+    # Use +permission+ to restrict permissions for the state file.
+    #
+    # @example
+    #   permission 0600
+    def state_permission(permission)
+      @options[:state_permission] = permission
+    end
+
     # How many worker processes to run.  Typically this is set to
     # the number of available cores.
     #

lib/puma/launcher.rb

@@ -102,6 +102,7 @@ def write_state
       write_pid
 
       path = @options[:state]
+      permission = @options[:state_permission]
       return unless path
 
       require 'puma/state_file'
@@ -111,7 +112,7 @@ def write_state
       sf.control_url = @options[:control_url]
       sf.control_auth_token = @options[:control_auth_token]
 
-      sf.save path
+      sf.save path, permission
     end
 
     # Delete the configured pidfile

lib/puma/state_file.rb

@@ -8,8 +8,9 @@ def initialize
       @options = {}
     end
 
-    def save(path)
+    def save(path, permission = nil)
       File.write path, YAML.dump(@options)
+      File.chmod(permission, path) if permission
     end
 
     def load(path)