<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Sat, Feb 3, 2018 at 5:20 AM, Dave Gordon via rsync <span dir="ltr"><<a href="mailto:rsync@lists.samba.org" target="_blank">rsync@lists.samba.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">[...fake-super symlink saved as a file...]</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">This results in the copy being world-writable.<br></blockquote><div><br></div><div>Indeed. The file initially gets created as a mode-600 file, but the code later tweaks the permissions to match the symlink, which is (as you note) a bad thing.</div><div><br></div><div>My first reaction is to change the code in set_stat_xattr() (in <span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">xattrs.c) from</span>:</div><div><br></div><div><div>       if (fst.st_mode != mode)</div><div>

<div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">               do_chmod(fname, mode);</div><div><br></div>to:</div><div><br class="gmail-Apple-interchange-newline">

       if (fst.st_mode != mode && !S_ISLNK(file->mode))</div><div>               do_chmod(fname, mode);</div><div><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><div class="gmail_signature">..wayne.. </div></div></div></div></div></div>