|
1 http://debbugs.gnu.org/cgi/bugreport.cgi?bug=15672 |
|
2 |
|
3 The patch was changed so that it applies cleanly to our source tree. |
|
4 --- |
|
5 Thanks for the suggestion. Does the following patch work for you? |
|
6 I've pushed this to the savannah master for gzip. |
|
7 |
|
8 From 0f167be4f843ac5fcd8f0bc120202782d09a453f Mon Sep 17 00:00:00 2001 |
|
9 From: Paul Eggert <[email protected]> |
|
10 Date: Thu, 24 Oct 2013 00:19:56 -0700 |
|
11 Subject: [PATCH] gzip: fix permissions issue on Solaris-like systems |
|
12 |
|
13 I.e., on systems that let users give files away. |
|
14 * gzip.c (do_chown): New function. |
|
15 (copy_stat): Use it, to change the group, then the permissions, |
|
16 then the owner. Idea suggested by Vladimir Marek in |
|
17 <http://bugs.gnu.org/15672#11> |
|
18 --- |
|
19 gzip.c | 33 ++++++++++++++++++++++++--------- |
|
20 1 file changed, 24 insertions(+), 9 deletions(-) |
|
21 |
|
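diff --git a/gzip.c b/gzip.c
index 93cc738..f40cd21 100644
--- a/gzip.c
+++ b/gzip.c
@@ -1684,6 +1684,21 @@ local int check_ofname()
 return OK;
 }
 
+/* Change the owner and group of a file. FD is a file descriptor for
+ the file and NAME its name. Change it to user UID and to group GID.
+ If UID or GID is -1, though, do not change the corresponding user
+ or group. */
+static void
+do_chown (int fd, char const *name, uid_t uid, gid_t gid)
+{
+#ifndef NO_CHOWN
+# if HAVE_FCHOWN
+ ignore_value (fchown (fd, uid, gid));
+# else
+ ignore_value (chown (name, uid, gid));
+# endif
+#endif
+}
 
 /* ========================================================================
 * Copy modes, times, ownership from input file to output file.
@@ -1722,16 +1727,14 @@ local void copy_stat(ifstat)
 }
 #endif
 
-#ifndef NO_CHOWN
- /* Copy ownership */
-# if HAVE_FCHOWN
- ignore_value (fchown (ofd, ifstat->st_uid, ifstat->st_gid));
-# elif HAVE_CHOWN
- ignore_value (chown (ofname, ifstat->st_uid, ifstat->st_gid));
-# endif
-#endif
+ /* Change the group first, then the permissions, then the owner.
+ That way, the permissions will be correct on systems that allow
+ users to give away files, without introducing a security hole.
+ Security depends on permissions not containing the setuid or
+ setgid bits. */
+
+ do_chown (ofd, ofname, -1, ifstat->st_gid);
 
- /* Copy the protection modes */
 #if HAVE_FCHMOD
 r = fchmod (ofd, mode);
 #else
@@ -1745,6 +1758,8 @@ local void copy_stat(ifstat)
 perror(ofname);
 }
 }
+
+ do_chown (ofd, ofname, ifstat->st_uid, -1);
 }
 
 #if ! NO_DIR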
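Review bot: The status of the group change in copy_stat, `do_chown (ofd, ofname, -1, ifstat->st_gid)`, is discarded, so when the caller is not allowed to assign the input file's group the following `fchmod (ofd, mode)` still applies the original group permission bits to whatever group the output file was created with. That may give group access to users the input file never granted it to. Consider letting `do_chown` return the call's result and dropping the group bits on failure, for example `if (do_chown (ofd, ofname, -1, ifstat->st_gid) != 0) mode &= ~S_IRWXG;`. The new comment's guarantee also relies on `mode` having the setuid and setgid bits stripped, which presumably happens outside the visible hunks and deserves a pointer in the comment, and `do_chown`'s `# else` branch now calls `chown` without the `HAVE_CHOWN` test the removed code had. copy_stat's body starts and ends outside the hunks shown.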
|
81 -- |
|
82 1.8.3.1 |
|
83 |