[MERGE] sftp transport: do not chmod a dir when unecessary (fix suid and sgid problems).
John Arbash Meinel
john at arbash-meinel.com
Thu Jul 17 23:29:30 BST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Christophe TROESTLER wrote:
| On Tue, 08 Jul 2008 20:29:31 -0500, John Arbash Meinel wrote:
|> We specifically preserve the bits that were set on the .bzr/
|> directory. (...) So if your top level .bzr/ directory doesn't have
|> +w, then none of the directories underneath will. (...)
|>
|> The only question is when there isn't a .bzr/ directory to stat. I
think we
|> try to stat its containing directory, but I'm not positive if that is
still
|> the case.
|
| Thanks for the clarification. In my case, the g+w bit was set when
| the umask was 0002 and not when it was 0022 -- hence my question.
|
|> First thing I see.. "stat.st_mode > 01000", but usually the fact the
|> object is a file or directory is stored in the upper bits, so you
|> should be masking those off.
|
| You are right, I corrected this oversight (with Harald suggestion).
|
| On Wed, 09 Jul 2008 11:10:42 +0200, Harald Meland wrote:
|> If I've understood the sftp behaviour correctly, these bits will be
|> cleared by the chmod() done immediately below this warning.
|
| Correct.
|
|> warning('About to chmod %s over sftp, which will result in its'
|> ' suid or sgid bits being cleared. If you want to'
|> ' preserve those bits, change your environment on the'
|> ' server to use umask ...')
|
| I have adopted your message.
|
| Patch attached.
|
| Cheers,
| ChriS
|
|
I'm interested in reviewing this, do we know why BB didn't find it?
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkh/x8oACgkQJdeBCYSNAAM6sQCgu0HR1RWJBj+ifXVyDYNaonmy
5bIAnik2FrO6FSwyuvLRmu+c4JMmn9S8
=DN0x
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list