Unfortunate results from fake-super
Dave Gordon
dg32768 at zoho.eu
Mon Feb 5 23:03:25 UTC 2018
On 05/02/18 05:53, Wayne Davison wrote:
> On Sat, Feb 3, 2018 at 5:20 AM, Dave Gordon via rsync
> <rsync at lists.samba.org <mailto:rsync at lists.samba.org>> wrote:
>
> [...fake-super symlink saved as a file...]
>
> This results in the copy being world-writable.
>
> Indeed. The file initially gets created as a mode-600 file, but the code
> later tweaks the permissions to match the symlink, which is (as you
> note) a bad thing.
>
> My first reaction is to change the code in set_stat_xattr()
> (in xattrs.c) from:
>
> if (fst.st_mode != mode)
> do_chmod(fname, mode);
>
> to:
>
> if (fst.st_mode != mode && !S_ISLNK(file->mode))
> do_chmod(fname, mode);
>
> ..wayne..
That's certainly an improvement; from the safety point of view, leaving
it as 0600 is a lot better than leaving it as 0777. I'm currently
investigating a slightly more extensive fix to allow more control over
how fake-symlink files end up, also to make fake-super work better with
incoming-chmod for the daemon case.
.Dave.
More information about the rsync
mailing list