[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#8391: chmod setuid & setguid bits

From: Paul Eggert
Subject: bug#8391: chmod setuid & setguid bits
Date: Fri, 24 Feb 2012 08:01:30 -0800
User-agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2

On 02/24/2012 04:53 AM, Ondrej Vasik wrote:
> address@hidden by default keeps the set-user-ID and set-group-ID bits
> +of @var{mode} of a directory when the mode is specified as an octal digit,
> +unless the mode length is 5 digits with leading double zero.

Wait a minute: 00755 works, but 000775 doesn't?  Isn't that odd?
Also, what about modes like 0000?  They have two leading zeros --
shouldn't they clear the setuid bits too?

The more I think about it, the more-confusing the double-leading-zero
notation see,s.  How about using a more-obvious notation instead?
Say, a leading "="?  For example, "=755" would mean "exactly 755"
and would clear the setuid bit.  mode_compile could implement this.

Regardless, documentation about this notation should be be in the
section "Directories and the Set-User-ID and Set-Group-ID Bits";
that's where it belongs.

+        mode_adjust (old_mode, (S_ISDIR (old_mode) != 0) && keepdirbits,
+                     0, change, NULL);

This change depends on internal details of mode_adjust, and doesn't
feel right.  The second argument of mode_adjust means that the argument
is a directory, and is also used to interpret modes like +X.
The code above will work, but it's not clean.  It'd be better
to make the second argument of mode_adjust an int 'flags' argument,
with two flags, one flag saying that it's a directory and one flag saying
whether it should ignore requests to clear UID and GID bits.

Or better yet, leave the call to mode_adjust alone, and have mode_compile
figure this stuff out.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]