bug-coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: cp -p does not work if normal users are allowed to chown files


From: Jim Meyering
Subject: Re: AW: cp -p does not work if normal users are allowed to chown files
Date: Mon, 10 Mar 2008 15:32:24 +0100

"PHILIPP, Axel, Dr." <address@hidden> wrote:
> Jim Meyering [mailto:address@hidden wrote:
>>  ....  This is relatively
>>  low priority, since very few people care about systems configured to
>>  allow regular users to use chown.  If you don't hear back
>> from someone
>>  after a couple weeks, please ping the mailing list. ]
>
> I agree. Otherwise the problem should have been detected earlier. So I
> tried to produce a patch by myself. It does pass some simple tests, but
> I am not sure whether it is wellbehaved in all possible situations.
> Anyhow, I hope it can help as starting point.
>
> Changes are:
> (i) change mode before ownership if non-root user specifies preserve
> ownership.
> (ii) do not transfer special bits if preserve mode is specified without
> preserve owner. Since this is a deviation from current behaviour I made
> it dependent on (the new variable) force_suid_transfer=false
> Rationale: let cp --preserve=mode,time behave for non-root users on
> systems with unrestricted chown behave like cp -p on systems with
> restricted chown.
> (iii) added some more caution with respect to temporary permissions.

Thanks for the patch.
However my first reaction (not even reading it) is that it looks
far too big to be acceptable, considering it would change an already
tricky and sensitive part of cp -- and all that, solely for the benefit
of the very few systems on which regular users can chown files.
That seems to put the risk/benefit ratio off the scale.

Here's a possibility:
You can maintain this as a separate patch (or better, as a git branch --
then just rebase periodically), advertise it, and if you find enough
people to use and test it, perhaps you will resubmit it in a year or two,
with testimonials.

If you pursue this (and as a prerequisite, if it's ever to have a chance
at being accepted for inclusion), I suggest that you write a few test
scripts to exercise as much of the changed behavior as you can.

Sorry not even to review the code, but I hope you understand,

Jim




reply via email to

[Prev in Thread] Current Thread [Next in Thread]