Le 25/02/2018 à 03:24, Pádraig Brady a écrit :
On 20/02/18 00:04, Declercq Laurent wrote:
Le 20/02/2018 à 04:26, Pádraig Brady a écrit :
2. Non-permission bits are preserved, even when the --no-preserve=mode
option is involved.
Original file to copy: prwSrw-rw- 1 root staff 0 févr. 18 18:59 spfile
cp(1) command (run as root user): cp -r --no-preserve=mode spfile
spfile_copy
Current result:
prwsr-xr-x 1 root staff 0 févr. 18 22:05 spfile_copy
I'm not seeing this. I get 'x' rather than 's' here (and '-' with the fix)
Expected result (considering UMASK 0022 and without the first bug above):
prw-r--r-- 1 root staff 0 févr. 18 22:05 spfile_copy
thanks!
Pádraig
I'll make a new try, providing you relevant STRACE(1) output if necessary.
Thank you for your fast reaction.
I've pushed this fix.
Whether setuid is cleared may be file system dependent.
set_acl() corresponds to a setxattr() here,
and that was enough to clear the setuid perm on various
file systems here at least.
We can expand on this in future if needed,
which would be better as a separate patch anyway.
cheers,
Pádraig.
That is exactly what a strace showed me: setxattr() doesn't remove
non-permission bits while with the explicit no-preserve=mode option, we
could expect them to goes away.
From my point of view, there should be a new option, allowing us to
explicitely discard ACL too, eg: no-preserve=mode,acl and then, enforce
usage of chmod in such a case instead of relying on setxattr(). That is
just an idea through, that would make us able to not break old behavior
for those relying on it.
Yes, that is system dependent. Should I create another issue for that issue?
Anyway, thank for your involvement here. That is much appreciated.
--
Laurent Declercq
iHMS/i-MSCP CEO & Lead Developer
This message and any attachment are intended solely for the addressees
and are
confidential. iHMS/i-MSCP, including any part representing these
entities may
not be held responsible for their contents whose accuracy and
completeness cannot
be guaranteed over the Internet. Unauthorized use, disclosure,
distribution, copying,
or any part thereof is strictly prohibited. If you are not the intended
recipient of
this message, please notify the sender immediately and delete it.
<>