Re: [Toybox] [landley/toybox] install -d -o USER -g GROUP DEST doesn't set uid/gid (#105)

Sat, 17 Nov 2018 18:22:42 -0800 



Message: 2
Date: Sat, 17 Nov 2018 12:28:32 -0600
From: Rob Landley <r...@landley.net>
To:
        
reply+001597098b9d9b8e3d721b2b98b1330abe67582879274d3792cf0000000117f33b1392a169ce16724...@reply.github.com,
        toybox <toybox@lists.landley.net>
Subject: Re: [Toybox] [landley/toybox] install -d -o USER -g GROUP
        DEST doesn't set uid/gid (#105)
Message-ID: <10eaa8fd-c028-5890-3a5b-33bef447b...@landley.net>
Content-Type: text/plain; charset=utf-8

On 11/1/18 5:07 PM, Volodymyr Medvid wrote:

"install -d" doesn't honor custom uid/gid.
install_main returns early if (flags & FLAG_d), doing mkpathat without fchown.


Hmmm... I just pushed a patch to that, but it's not quiet right.

When calling lchown() it does xgetuid() and xgetgid() for the default values
you're not overriding (when you have -o or -g but not both). Technically that
should be the fsuid, but although there's a setfsuid() I can't find a 
_getfsuid()_?

Man 7 capabilities is uninformative. And I still dunno what the point of suid
is. (We added real and effective, but programs know to look for both of those
know and freak if they're different! Let's add /opt and start sticking files in
there, then we'll need /opt/usr for when people start to expect it!)

Sorry, that's another rant:

   http://lists.busybox.net/pipermail/busybox/2010-December/074114.html

(Which I got slightly wrong: the / disk was half a megabyte, the rk05 disk packs
were 2.5 megabytes each. Still adds up to 3 megabytes though. Primary sources
are https://www.bell-labs.com/usr/dmr/www/notes.html and
https://www.bell-labs.com/usr/dmr/www/hist.html)

Anyway, install -d does what you expect now, UNLESS you run it in a context
where you've changed fsuid (which was implemented for samba, so the server could
read/write files as different users without having to fork and run entirely _as_
those users). That would be ignored on the last path component, but not the ones
before it.

Let me know if anybody comes up with a proper fix. :)

Rob



Arn't they part of stat?

I believe openbsd have a getfsuid(), though not sure how good it is.

regards
scsijon
_______________________________________________
Toybox mailing list
Toybox@lists.landley.net
http://lists.landley.net/listinfo.cgi/toybox-landley.net






















					Reply via email to