On Wed, Feb 11, 2015 at 04:21:32PM -0500, Parrot Raiser wrote: > Not replicating the original file permissions on a copy would be a > huge security hole. Anybody could copy a root-read-only file, examine > the contents, modify them, and, if they had write access to the > directory, replace it with the updated one.
I think this is overstating things a fair bit. A file that is root-read-only would only be readable by root, not "anybody". Assuming a non-root person has read permissions to a file that is "root-read-only" (whatever that means), there are plenty of ways to create a modifiable copy of that file without using ©. So © itself isn't the source (or fix) of the security hole. Ultimately I agree that the original file permissions should come into play, however. I suspect that © should create the new copy with the existing file's permissions as modified by the current umask. Pm
