Public bug reported:
Binary package hint: nautilus
I am using Nautilus in connection with Eiciel for ACL support (what is
the status of Nautilus' native ACL support anyways? I heard it should be
there from GNOME 2.16 on...). When I copy a directory with files from a
partition that was not mounted with acl support, file permissions differ
depending on whether I do this copy operation from a shell (cp -r) or
via Drag&Drop in Nautilus. In my oppinion, the file permissions via the
shell command are more sensible.
----------------------------------
Permissions of the source directory (not mounted with ACL support)
[EMAIL PROTECTED]:~$ getfacl .
# file: .
# owner: hb
# group: hb
user::rwx
group::r-x
other::r-x
----------------------------------
Permissions of the target directory (mounted with ACL support)
[EMAIL PROTECTED]:~$ cd /var/pictures/
[EMAIL PROTECTED]:/var/pictures$ getfacl .
# file: .
# owner: root
# group: pictures
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---
----------------------------------
Permissions of a subdirectory and a file in the subdirectory of the target
directory (mounted with ACL support) that has been copied via the shell
[EMAIL PROTECTED]:/var/pictures$ getfacl copy_s #this is a directory
# file: copy_s
# owner: hb
# group: pictures
user::rwx
group::rwx #effective:r-x
mask::r-x
other::---
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---
[EMAIL PROTECTED]:/var/pictures$ getfacl copy_s/copy_s # this is a file
# file: copy_s/copy_s
# owner: hb
# group: pictures
user::rw-
group::rwx #effective:r--
mask::r--
other::---
----------------------------------
Permissions of a subdirectory and a file in the subdirectory of the target
directory (mounted with ACL support) that has been copied via Nautilus Drag&Drop
[EMAIL PROTECTED]:/var/pictures$ getfacl copy_n
# file: copy_n
# owner: hb
# group: pictures
user::rwx
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---
[EMAIL PROTECTED]:/var/pictures$ getfacl copy_n/copy_n
# file: copy_n/copy_n
# owner: hb
# group: pictures
user::rw-
group::rwx #effective:r--
mask::r--
other::r--
----------------------------------------------------------------------------------------------------
Note how the permissions of "other" differ. I very much prefer them the
way the shell does it. Since Nautilus is granting unwanted read access
for world, I am marking this bug as a security vulnerability.
** Affects: nautilus (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
Inconsistency with Nautilus drag&drop and ACL
https://bugs.launchpad.net/bugs/137458
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
