On 25/01/2024 14:13, Pádraig Brady wrote:
On 25/01/2024 12:30, Johannes Segitz wrote:
Hello,
chown has a flag that prevents symlink following. chown/chmod is sometimes
used in %post/%pre sections of rpm packages to fix up permissions. When
this is done in user owned directories (somewhere along the path) this is a
security problem. chown allows users to handle this via the -h flag which
instructs it not to follow a symlink.
The attached patch adds this flag for chmod. I read
https://git.savannah.gnu.org/cgit/coreutils.git/plain/README-hacking
but chmod doesn't have an email listed, so I set the patch here.
Please CC me in replies, I'm not subscribed to the list.
We've been consolidating chown/chmod/chgrp recently,
and I was already looking at this.
I'll incorporate your patch with what I was working on.
This is the third and last part of the recent chown/chgrp/chmod
alignment series, the previous two being:
https://github.com/coreutils/coreutils/commit/da091b3ab add --from to chgrp
https://github.com/coreutils/coreutils/commit/9cc8d6ff5 merge chown/chgrp
sources
The attached adds -hHLP, --{no-,}dereference options to chmod,
to align with chown, and chgrp. It also aligns with chmod on other systems.