bug-coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cp -p does not work if normal users are allowed to chown files


From: PHILIPP, Axel, Dr.
Subject: cp -p does not work if normal users are allowed to chown files
Date: Wed, 13 Feb 2008 10:29:21 +0100

Dear cp-Maintainer,

we ran into problems with cp -p on our Linux system when the file system
is configured to allow chown for normal users (eg
/proc/sys/fs/xfs/restrict_chown=0). As long as we used the IRIX cp was
used everything went fine, but with GNU cp we run into errors "cp:
preserving permissions for `testdir/f1': Operation not permitted"
because ownership is changed before changing permissions.

I do not understand the argument for this behaviour:

[cp.c]:  /* Adjust the times (and if possible, ownership) for the copy.
         chown turns off set[ug]id bits for non-root,
         so do the chmod last.  */

because for a non-root user the set[ug]id bits are either cleared by
chown or may not be set. To me the reason seems to be that there
shouldn't be an intermediate suid root binary if root copies a setuid
<other user> binary.

I do not believe that any special permissions should be preserved unless
the owner (and group) of the destination file is the same as the owner
of the source file.

I think the correct order of preserving mode and ownership is

1. change the standard permissions
2. change owner (if requested)
3. if (src_has_special_perms && owner_src == owner_dest && (user == root
|| user == owner_dest)) set special perms on dest file.



Mit freundlichen Gruessen / Best Regards

Axel PHILIPP   Geb. 044/557
Dr. rer. nat., Dipl. Phys.

MTU Aero Engines GmbH
Informationswirtschaft/Entwicklungssysteme (FIE)
Information Management/Engineering Systems (FIE)
Dachauer Str. 665
80995 Muenchen
Germany

Tel  +49 (0)89 1489-4715
Fax +49 (0)89 1489-97533

-- 
MTU Aero Engines GmbH
Geschaeftsfuehrung/Board of Management: Egon W. Behle, Vorsitzender/CEO; Dr. 
Rainer Martens, Dr. Stefan Weingartner, Reiner Winkler
Vorsitzender des Aufsichtsrats/Chairman of the Supervisory Board: Klaus 
Eberhardt
Sitz der Gesellschaft/Registered Office: Muenchen
Handelsregister/Commercial Register: Muenchen HRB 154230




reply via email to

[Prev in Thread] Current Thread [Next in Thread]