Re: [PATCH] cp, mv: do preserve extended attributes even for read-only source files

[Ondřej Vašík]

Pádraig Brady wrote:
> Ondřej Vašík wrote:
> > Ah, I knew I forgot to do something :). Thanks for spotting this.
> > 
> > Restoring to dest_mode & ~omitted_permissions done in attached patch,
> > dropped redirections from the test as well. Additionally - I modified
> > the copy.c patch a bit - failure of mode change now doesn't mean that I
> > don't try to preserve extended attributes (as it still could pass). 
> 
> 
> > Pádraig is right that it looks like some kind of bug in libattr and
> > fsetxattr() function, as the descriptor should be writable, anyway this
> > should workaround it - at least until they'll fix/change it or other way
> > of solution will be found.
> 
> What's the best place to report that?
> It would be good to add a comment in the code that this is a workaround
> rather than expected behaviour (after confirming the bug of course).

libattr upstream has mailing list xfs at oss.sgi.com , so maybe the best
place is there. 

> > Ok with passing to 7.7, although with such small impact and relatively
> > low danger, it could maybe included to 7.6 (if more snapshots will be
> > before real release).
> 
> To minimize side affects perhaps we should only do the chmod(600)
> if (geteuid () != 0 && !access (src_name, W_OK)) ?

Good idea, it would reduce possibility of security leak, playing with
access rights is always a bit dangerous (although here we play with
rights on destination descriptor, which is imho much more safe).

Additionally - Jim is correct that for different owner 0600 rights are
not sufficient for different owner of the file - and 0666 is too much
devil-like ;) . Any idea?

Greetings,
         Ondřej

signature.asc
Description: Toto je digitálně podepsaná část zprávy