[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pan-users] Re: Save attachment file permissions
From: |
Duncan |
Subject: |
[Pan-users] Re: Save attachment file permissions |
Date: |
Sun, 22 Feb 2009 08:34:55 +0000 (UTC) |
User-agent: |
Pan/0.133 (House of Butterflies) |
walt <address@hidden> posted
address@hidden, excerpted below, on Sun, 22 Feb 2009 00:06:50
+0000:
> On Thu, 19 Feb 2009 23:35:32 +0000, Duncan wrote:
>
>> The thing is, however, that UUE includes the file permission field, and
>> even Windows apps will need to put /something/ there. My question
>> would be what gravity puts there, and where it gets it (some config
>> option, a default, asks each time, looks to see if it's an exe and adds
>> exe perms, what?)...
>
> I couldn't resist that challenge, so I installed the latest Gravity beta
> on a virtual XP machine (so I can revert any bad decisions with the
> click of a virtual button) and I can say with absolute conviction that
> my results were ambiguous :o)
>
> Take a look at gmane.test to see for yourself.
Actually, they make perfect sense to me. No ambiguousness. =:^)
BTW, how did you check the posted perms? Saving the raw message text and
opening that file to see what Gravity actually sent in the permissions
field (what I just did), or just saving the file using pan to see how it
saved it (not necessarily accurate if you're testing Gravity, not pan,
and not the interaction of the two)?
> I created an empty linux file named uuencode (a confusing choice of
> names)
Yes, confusing indeed! I didn't realize /how/ confusing until I went
over to .test and looked at your tests myself.
> did a chmod +x on it, and posted it *twice* using Gravity. The
> first time using *mime* encoding, and the second time with uuencode.
I take it the MIME encoding is the one you were confused about. It's
simple, really. MIME doesn't have a Unix permissions field at all, so
whatever gets saved when the attachment is saved, is the receiver-side
default, which with pan happens to be 644 if I groked the uulib code
correctly.
Only UUE and yEnc have a Unix permissions field for the sender to fill in.
> (Gravity makes it trivial to pick which one you want.) (I used samba to
> make the linux file accessible to the virtual XP machine.) (This is my
> record for the most parenthetical comments in one paragraph.)
And I thought I was bad with parentheticals. =;^)
But, your mention of SAMBA jarred my thinking. If I'm not mistaken (and
maybe I am as I've never used SAMBA), Windows won't see Unix file
permissions no matter what serves up the file. It's just not designed to
work that way. Let me ask you this. Using Explorer to browse the SAMBA
shares, do the files show up with the appropriate permissions? Are they
actually honored? (The best way I can think of to test that with the exe
bit would be to take a Windows executable and make a second copy,
different name, in the same directory. Then set the executable bit on
one, and clear it on the other. Now in Windows, will Windows execute
just the one with the executable bit, both, or neither, or is it totally
contrary and will only execute the one /without/ the executable bit?)
I'd suppose not.
If the above is correct and Windows doesn't see (or sees, but ignores)
the permissions, then you could permission bitflip all day and it
wouldn't make a bit of difference to Gravity, because it's using the
standard Windows API to access the files, so couldn't know anything more
about them than the standard Windows API shows it.
> Anyway, it took me a while to figure out that Gravity won't post an
> empty attachment, so I did it again with a small text file that I did a
> chmod +x on before posting.
OK, that makes sense, except that as I said, I doubt the chmod did a
thing in terms of what Gravity did.
> I still found the result confusing, so just now I posted a file that I
> named '705.txt' because I gave it 705 permissions -- a pretty unlikely
> set of perms.
OK, that's smart thinking... except as I said, I seriously doubt Gravity
cares at all what the perms were, as long as it could read the file and
therefore post it.
> I find that Gravity still posted it with 755 perms, so I think the
> question is answered: it uses 755 by default and ignores any real *ix
> perms.
Yes, that pretty well answers the question. So whoever it was that
posted that trojan didn't have to hack anything to get it to post the 755
perms.
> As an aside, I found Gravity to remain based in the stone ages of Win9x:
> it still installs its data/config files (like ~/.pan2) in its own binary
> installation directory (C:\Program Files\Gravity\) which is a sad
> commentary on the whole Windows paradigm considering that Gravity is
> still actively maintained on sourceforge.net :o(
>
> Seems like we're making little progress in the M$ world...
Which raises a good question, at least here. Since with eXPrivacy MS
passed a line I would not and could not pass, thus actually pushing me to
Linux (which I had been thinking about and agreed with intellectually
previous to that, but after nearly a decade on MS and as an MS power user
and "advanced beginner to intermediate level" programmer, I'm honestly
not sure I'd have ever made the jump if MS hadn't pushed me by crossing
that line I couldn't follow it passed), Windows 98 is actually the last
MS I was familiar with. Thus, I really haven't the foggiest what MS
"best practice" might be in this or pretty much any other regard, today.
Do normal MS programs still store their data files in the program files
dir (assuming the registry isn't enough for them), or do they store them
elsewhere, and if so, where? Yes, Gravity appears to still be using the
W98 paradigm, but is that still MS "best practice" in that regard, or has
MS changed and Gravity stood still? Does MS normally require admin
permissions to write to the system Program Files dir and individual
program subdirs? Does Gravity at least use user-specific files in that
dir, or would multiple users' data all be in the same common
configuration?
You know, it has been /years/ since I thought about that sort of thing!
I now just take for granted that there's a system general config, and
that any user files will be written to files or better a subdir in an
individual user's home. Even considering anything else... is like I just
stepped into a time machine and went back a decade. (Is that /all/ it
was? /Only less than a decade ago? WOW!)
But really, we were discussing anti-virus somewhere a few days ago too,
and the notion of having to scan everything just seems so... quaint...
now. As does the whole EULA thing. You mean programmers actually expect
people to agree to those things, and what's even /more/ astounding,
people actually /do/ so?!? How... astoundingly... backward!!
I mean, honestly, I feel a bit like the characters in Star Trek, The
Voyage Home, were supposed to have felt, picking up a mouse and trying to
speak to the computer! But what's the sickest is that people actually
accept it as normal, knowing no better, or even WORSE, when they DO know
better!! If it was just quaint software it would be one thing, but
people actually think this is acceptable behavior for a modern computer
program! Not even to mention the whole gotta call in and get permission
to run it or it goes into some reduced functionality mode after a few
days!
OTOH, I guess you must have agreed to the EULA and etc to install it in
your virtual machine, too. Doesn't that make you feel kinda... used...
slimy... like you've just been raped or something?
Well, I guess I got rather on a rant, and yes I know not everyone shares
my ideals, but honestly, now days I *DO* take offense, when a EULA comes
up or something. It's as if they think I'm subhuman or something. Like
as if I'd actually consider signing away my rights. Like it's something
they can even ASK me to do, in "polite" society. To me, it really IS an
insult! They don't even think I respect myself and my own rights enough
that they can actually even bring it up! That's one thing I do NOT do
now, EVER! If I wanted a beautiful young woman to sleep with me, she'd
be right to be insulted if I asked her if she'd sell herself for a buck.
Well, these guys are asking me to sell myself for the "privilege" of
running their software. It's slimy, gross, and not only will I not do
it, but I'm insulted they'd even consider it acceptable to ask!
Yes, I DO realize I'm not the /ordinary/ person. And I'm proud of it,
but regardless, there's no way in **** I'm cheap enough to sign away my
rights just to run their stupid software!
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
- Re: [Pan-users] Re: Save attachment file permissions, (continued)
[Pan-users] Re: Save attachment file permissions, walt, 2009/02/18
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/19
- Re: [Pan-users] Re: Save attachment file permissions, Steven D'Aprano, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, walt, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, walt, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, walt, 2009/02/21
- [Pan-users] Re: Save attachment file permissions,
Duncan <=
- Re: [Pan-users] Re: Save attachment file permissions, Steven D'Aprano, 2009/02/22
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/22
- Re: [Pan-users] Re: Save attachment file permissions, walt, 2009/02/22
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/22
- Re: [Pan-users] Re: Save attachment file permissions, walt, 2009/02/22
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/23
[Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/19