On 05/02/18 05:53, Wayne Davison wrote: > On Sat, Feb 3, 2018 at 5:20 AM, Dave Gordon via rsync > <rsync@lists.samba.org <mailto:rsync@lists.samba.org>> wrote: > > [...fake-super symlink saved as a file...] > > This results in the copy being world-writable. > > Indeed. The file initially gets created as a mode-600 file, but the code > later tweaks the permissions to match the symlink, which is (as you > note) a bad thing. > > My first reaction is to change the code in set_stat_xattr() > (in xattrs.c) from: > > if (fst.st_mode != mode) > do_chmod(fname, mode); > > to: > > if (fst.st_mode != mode && !S_ISLNK(file->mode)) > do_chmod(fname, mode); > > ..wayne..
That's certainly an improvement; from the safety point of view, leaving it as 0600 is a lot better than leaving it as 0777. I'm currently investigating a slightly more extensive fix to allow more control over how fake-symlink files end up, also to make fake-super work better with incoming-chmod for the daemon case. .Dave. -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html