| author | Vladimir Marek <Vladimir.Marek@oracle.com> |
| Thu, 24 Oct 2013 11:32:02 +0200 | |
| branch | s11-update |
| changeset 2838 | 9db52525e999 |
| permissions | -rw-r--r-- |
|
2838
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
1 |
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=15672 |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
2 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
3 |
The patch was changed so that it applies cleanly to our soruce tree. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
4 |
--- |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
5 |
Thanks for the suggestion. Does the following patch work for you? |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
6 |
I've pushed this to the savannah master for gzip. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
7 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
8 |
From 0f167be4f843ac5fcd8f0bc120202782d09a453f Mon Sep 17 00:00:00 2001 |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
9 |
From: Paul Eggert <[email protected]> |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
10 |
Date: Thu, 24 Oct 2013 00:19:56 -0700 |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
11 |
Subject: [PATCH] gzip: fix permissions issue on Solaris-like systems |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
12 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
13 |
I.e., on systems that let users give files away. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
14 |
* gzip.c (do_chown): New function. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
15 |
(copy_stat): Use it, to change the group, then the permissions, |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
16 |
then the owner. Idea suggested by Vladimir Marek in |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
17 |
<http://bugs.gnu.org/15672#11> |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
18 |
--- |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
19 |
gzip.c | 33 ++++++++++++++++++++++++--------- |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
20 |
1 file changed, 24 insertions(+), 9 deletions(-) |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
21 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
22 |
diff --git a/gzip.c b/gzip.c |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
23 |
index 93cc738..f40cd21 100644 |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
24 |
--- a/gzip.c |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
25 |
+++ b/gzip.c |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
26 |
@@ -1684,6 +1684,21 @@ local int check_ofname() |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
27 |
return OK; |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
28 |
} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
29 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
30 |
+/* Change the owner and group of a file. FD is a file descriptor for |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
31 |
+ the file and NAME its name. Change it to user UID and to group GID. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
32 |
+ If UID or GID is -1, though, do not change the corresponding user |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
33 |
+ or group. */ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
34 |
+static void |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
35 |
+do_chown (int fd, char const *name, uid_t uid, gid_t gid) |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
36 |
+{
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
37 |
+#ifndef NO_CHOWN |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
38 |
+# if HAVE_FCHOWN |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
39 |
+ ignore_value (fchown (fd, uid, gid)); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
40 |
+# else |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
41 |
+ ignore_value (chown (name, uid, gid)); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
42 |
+# endif |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
43 |
+#endif |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
44 |
+} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
45 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
46 |
/* ======================================================================== |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
47 |
* Copy modes, times, ownership from input file to output file. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
48 |
@@ -1722,16 +1727,14 @@ local void copy_stat(ifstat) |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
49 |
} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
50 |
#endif |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
51 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
52 |
-#ifndef NO_CHOWN |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
53 |
- /* Copy ownership */ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
54 |
-# if HAVE_FCHOWN |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
55 |
- ignore_value (fchown (ofd, ifstat->st_uid, ifstat->st_gid)); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
56 |
-# elif HAVE_CHOWN |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
57 |
- ignore_value (chown (ofname, ifstat->st_uid, ifstat->st_gid)); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
58 |
-# endif |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
59 |
-#endif |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
60 |
+ /* Change the group first, then the permissions, then the owner. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
61 |
+ That way, the permissions will be correct on systems that allow |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
62 |
+ users to give away files, without introducing a security hole. |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
63 |
+ Security depends on permissions not containing the setuid or |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
64 |
+ setgid bits. */ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
65 |
+ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
66 |
+ do_chown (ofd, ofname, -1, ifstat->st_gid); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
67 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
68 |
- /* Copy the protection modes */ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
69 |
#if HAVE_FCHMOD |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
70 |
r = fchmod (ofd, mode); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
71 |
#else |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
72 |
@@ -1745,6 +1758,8 @@ local void copy_stat(ifstat) |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
73 |
perror(ofname); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
74 |
} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
75 |
} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
76 |
+ |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
77 |
+ do_chown (ofd, ofname, ifstat->st_uid, -1); |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
78 |
} |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
79 |
|
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
80 |
#if ! NO_DIR |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
81 |
-- |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
82 |
1.8.3.1 |
|
9db52525e999
17601119 gzip is unable to set permissions under file_chown_self privilege
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
83 |