[debbugs-tracker] bug#11436: closed (Please disable test cp/parent-perm-race on hurd-i386)

[GNU bug Tracking System]

Your message dated Sun, 07 Oct 2012 11:46:16 +0200
with message-id <address@hidden>
and subject line Re: bug#11436: Please disable test cp/parent-perm-race on 
hurd-i386
has caused the debbugs.gnu.org bug report #11436,
regarding Please disable test cp/parent-perm-race on hurd-i386
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden)


-- 
11436: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=11436
GNU Bug Tracking System
Contact address@hidden with problems
> --- Begin Message ---
>
>
>
> Subject: 
>
> Please disable test cp/parent-perm-race on hurd-i386
>
>
>
>
> Date: 
>
> Tue, 8 May 2012 20:38:16 +0200
>
>
>
>
> User-agent: 
>
> Mutt/1.5.21+34 (58baf7c9f32f) (2010-12-30)
>
>
>
>
> Hello,
>
> (From http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670478 )
>
> cp/parent-perm-race tries to copy a fifo with the --copy-contents
> option.  The problem is that cp still uses O_NOFOLLOW in that case,
> strace shows:
>
> open("mode/fifo", O_RDONLY|O_NOFOLLOW)
>
> O_NOFOLLOW is actually normally meant for security, to avoid attacks
> through symlink redirection.  In that case, the Hurd thus disables
> translators too, to avoid any rogue translator that would achieve the
> same kind attack as symlink redirection.  But then --copy-contents can
> not work, since the fifo thus can not work (it's a translator that
> implements it).  I don't think either the Hurd or coreutils will want to
> change their behavior, so could the test be disabled on GNU/Hurd?
>
> Samuel
>
>
>
> --- End Message ---
> --- Begin Message ---
>
>
>
> Subject: 
>
> Re: bug#11436: Please disable test cp/parent-perm-race on hurd-i386
>
>
>
>
> Date: 
>
> Sun, 07 Oct 2012 11:46:16 +0200
>
>
>
>
> Ludovic Courtès wrote:
> > Samuel Thibault <address@hidden> skribis:
> >
> >> Eric Blake, le Tue 08 May 2012 12:46:57 -0600, a écrit :
> >>> http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html
> >>> O_NOFOLLOW
> >>>     If path names a symbolic link, fail and set errno to [ELOOP].
> >>> 
> >>> I wouldn't object to yet another O_* flag that can be used to disable
> >>> translators,
> >>
> >> The problem is that we can't expect people to know about that flag, and
> >> use it where security is needed.
> >>
> >>> but don't see how breaking POSIX semantics of a FIFO just because
> >>> O_NOFOLLOW was used is warranted.
> >>
> >> I don't mean it's warranted.  I mean that it's expected that using
> >> O_NOFOLLOW will disable translators.  We can however perhaps refine the
> >> behavior to at least make standard fifos work.
> >
> > Yes.  In glibc, ‘__hurd_file_name_lookup_retry’ does this:
> >
> >         if (flags & O_NOFOLLOW)
> >           {
> >             /* In Linux, O_NOFOLLOW means to reject symlinks.  If we
>
> Thanks.
> I'm closing this issue as notabug.
> If you still think the test should be disabled for the Hurd,
> feel free to reopen it.
>
>
> --- End Message ---