Re: Re: sequence of chmod and chown in unrestricted chown environment

bug-gzip

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: sequence of chmod and chown in unrestricted chown environment

From:	Vladimir Marek
Subject:	Re: Re: sequence of chmod and chown in unrestricted chown environment
Date:	Tue, 9 Jul 2013 12:46:22 +0200
User-agent:	Mutt/ (2012-12-30)

Hi,

> > On solaris you can mount given filesystem with norstchown parameter
> > which gives the owner of the file the ability to chown the file to
> > someone else.
> 
> Yes, that's true.  But this is unusual -- I've never
> seen it done, and I've used a lot of Solaris systems.
> Who uses it and why?  It might be helpful to understand
> their motiviation before diving into implementation.

That's my question also, but I don't have the answer at the moment. At
the moment the complain is only about the fact that gzip used to work
for them before patch 120719-02 and does not work now. (The patch
contains the change mentioned earlier [1]).


> Anyway, for reasons discussed in the earlier thread,
> we can't simply change the code to do a chmod before
> chown, as that would be wrong for typical platforms.
> Nor does it make sense for this to be a configure-time
> option, as even on Solaris gzip's current behavior
> is typically correct now, and it's wrong only in the
> unusual case where file systems have this mount option.

Right. On the other hand, doing always chmod before chown on Solaris
would also work, if I understand things correctly. It would work the
same for the current majority of operations and in addition also for the
norstchown case. But I understand the hesitation to break something
which used to work for such a time :)


> Nor should it be settable by a command-line option or
> (even worse) an environment variable.  Most users won't
> know about the option.

I agree.


> Here's a better idea: have gzip detect when the destination
> is on a file system that lets you give files away and where
> it's correct to do the chmod before the chown.  On platforms
> that never let you give files away, this should take zero
> instructions at run-time.  On platforms like Solaris where
> it depends on mount options, this should inspect the mount
> options.
> 
> Can you contribute code to do that?

Sure. It's detectable by pathconf(2) syscall, looking for
_PC_CHOWN_RESTRICTED. If you will consider such a change I'm more than
happy to work on the implementation.

[1] 
http://git.savannah.gnu.org/gitweb/?p=gzip.git;a=commitdiff;h=3477834ce69a74cb84d6efccd22716475cc506f3

Thank you
-- 
        Vlad

[Prev in Thread]

Current Thread

[Next in Thread]

sequence of chmod and chown in unrestricted chown environment, Vladimir Marek, 2013/07/08
- Re: sequence of chmod and chown in unrestricted chown environment, Paul Eggert, 2013/07/08
  - Re: Re: sequence of chmod and chown in unrestricted chown environment, Vladimir Marek <=
    - Re: sequence of chmod and chown in unrestricted chown environment, Paul Eggert, 2013/07/09
    - Re: Re: sequence of chmod and chown in unrestricted chown environment, Vladimir Marek, 2013/07/10
    - Re: sequence of chmod and chown in unrestricted chown environment, Paul Eggert, 2013/07/10

Prev by Date: Re: sequence of chmod and chown in unrestricted chown environment
Next by Date: Re: sequence of chmod and chown in unrestricted chown environment
Previous by thread: Re: sequence of chmod and chown in unrestricted chown environment
Next by thread: Re: sequence of chmod and chown in unrestricted chown environment
Index(es):
- Date
- Thread