From unknown Fri Aug 15 14:48:44 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#3712 <3712@debbugs.gnu.org> To: bug#3712 <3712@debbugs.gnu.org> Subject: Status: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method Reply-To: bug#3712 <3712@debbugs.gnu.org> Date: Fri, 15 Aug 2025 21:48:44 +0000 retitle 3712 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files w= ith /su and /sudo method reassign 3712 emacs submitter 3712 Teemu Likonen severity 3712 serious thanks From tlikonen@iki.fi Mon Jun 29 08:17:16 2009 Received: (at submit) by emacsbugs.donarmstrong.com; 29 Jun 2009 15:17:16 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=0.2 required=4.0 tests=AWL,FOURLA,IMPRONONCABLE_1, MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD,SARE_SUB_9CONS_WORD autolearn=no version=3.2.5-bugs.debian.org_2005_01_02 Received: from fencepost.gnu.org (fencepost.gnu.org [140.186.70.10]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5TFH9O1010661 for ; Mon, 29 Jun 2009 08:17:10 -0700 Received: from mx10.gnu.org ([199.232.76.166]:55484) by fencepost.gnu.org with esmtp (Exim 4.67) (envelope-from ) id 1MLIbU-00018K-KX for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 11:17:08 -0400 Received: from Debian-exim by monty-python.gnu.org with spam-scanned (Exim 4.60) (envelope-from ) id 1MLIbR-0003Yd-40 for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 11:17:07 -0400 Received: from mx20.gnu.org ([199.232.41.8]:36682) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1MLIbP-0003Ut-Ti for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 11:17:04 -0400 Received: from mta-out.inet.fi ([195.156.147.13] helo=kirsi1.inet.fi) by mx20.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1MLIbH-0003X1-Cv for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 11:16:55 -0400 Received: from mithlond.arda.local (80.220.180.181) by kirsi1.inet.fi (8.5.014) id 49F6055A0244348C for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 18:16:46 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLIas-00051f-1M for emacs-pretest-bug@gnu.org; Mon, 29 Jun 2009 18:16:30 +0300 From: Teemu Likonen To: emacs-pretest-bug@gnu.org Subject: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method Date: Mon, 29 Jun 2009 18:16:30 +0300 Message-ID: <87ljnbax4h.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Detected-Operating-System: by mx20.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by monty-python.gnu.org: Genre and OS details not recognized. When method /su: or /sudo: is used to _create_ a file the file's permission will be set to -rwxrwxrwx (777), that is, allow everything for everyone. Obviously this is serious security bug. Steps to reproduce: 1. Start Emacs as a normal user: emacs -Q 2. Create a file in a directory to which the user who launched this Emacs session doesn't have write access. C-x C-f /su::/root/test.txt 3. Write some content to the file and save it with "C-x C-s". 4. Check file's permissions. It has 777 permission bits: $ ls -l /root/test.txt -rwxrwxrwx 1 root root 5 2009-06-29 17:58 /root/test.txt For some reason, if I create similar file to the same user's home directory who launched this Emacs session (/su::$HOME/test.txt) then it gets 644 permissions (probably honoring umask settings). In GNU Emacs 23.1.50.4 (i686-pc-linux-gnu, GTK+ Version 2.12.12) of 2009-06-29 on mithlond Windowing system distributor `The X.Org Foundation', version 11.0.10402000 configured using `configure '--prefix=/home/dtw/local'' From tlikonen@iki.fi Mon Jun 29 08:28:04 2009 Received: (at control) by emacsbugs.donarmstrong.com; 29 Jun 2009 15:28:04 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-0.2 required=4.0 tests=AWL,ONEWORD,VALID_BTS_CONTROL autolearn=no version=3.2.5-bugs.debian.org_2005_01_02 Received: from kirsi2.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5TFS0UW012242 for ; Mon, 29 Jun 2009 08:28:01 -0700 Received: from mithlond.arda.local (80.220.180.181) by kirsi2.inet.fi (8.5.014) id 49F6DD58023A2F75 for control@emacsbugs.donarmstrong.com; Mon, 29 Jun 2009 18:27:59 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLIly-000540-O5 for control@emacsbugs.donarmstrong.com; Mon, 29 Jun 2009 18:27:58 +0300 From: Teemu Likonen To: control@debbugs.gnu.org Subject: Severity Date: Mon, 29 Jun 2009 18:27:58 +0300 Message-ID: <87hbxzawld.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii severity 3712 serious tags 3712 + security From tlikonen@iki.fi Mon Jun 29 12:11:06 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 29 Jun 2009 19:11:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=0.3 required=4.0 tests=AWL,IMPRONONCABLE_1, MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD,SARE_SUB_9CONS_WORD autolearn=no version=3.2.5-bugs.debian.org_2005_01_02 Received: from jenni2.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5TJB117018478 for <3712@emacsbugs.donarmstrong.com>; Mon, 29 Jun 2009 12:11:02 -0700 Received: from mithlond.arda.local (80.220.180.181) by jenni2.inet.fi (8.5.014) id 49F5CB6402441305 for 3712@emacsbugs.donarmstrong.com; Mon, 29 Jun 2009 22:11:00 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLMFn-0007Hk-Ts for 3712@emacsbugs.donarmstrong.com; Mon, 29 Jun 2009 22:10:59 +0300 From: Teemu Likonen To: 3712@debbugs.gnu.org Subject: Re: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method In-Reply-To: <87ljnbax4h.fsf@iki.fi> (Teemu Likonen's message of "Mon, 29 Jun 2009 18:16:30 +0300") References: <87ljnbax4h.fsf@iki.fi> Date: Mon, 29 Jun 2009 22:10:59 +0300 Message-ID: <8763eevosc.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On 2009-06-29 18:16 (+0300), Teemu Likonen wrote: > When method /su: or /sudo: is used to _create_ a file the file's > permission will be set to -rwxrwxrwx (777), [...] This also happens when _editing_ an existing file because "backup by renaming" will move the old file aside and the new version of file is really creating a new file. So, if you want to give your /etc/passwd and /etc/shadow the -rwxrwxrwx permissions just edit the files with tramp's /su or /sudo method while having backup by renaming enabled. From michael.albinus@gmx.de Mon Jun 29 14:15:32 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 29 Jun 2009 21:15:32 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-3.8 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with SMTP id n5TLFQom007633 for <3712@emacsbugs.donarmstrong.com>; Mon, 29 Jun 2009 14:15:28 -0700 Received: (qmail invoked by alias); 29 Jun 2009 21:15:20 -0000 Received: from p57A22293.dip0.t-ipconnect.de (EHLO arthur.local) [87.162.34.147] by mail.gmx.net (mp067) with SMTP; 29 Jun 2009 23:15:20 +0200 X-Authenticated: #3708877 X-Provags-ID: V01U2FsdGVkX198njNO57F80hbcPuiVvwIfJ1DJtGbsI29GH1Pdj2 U2Cbi4jixSW1Oo From: Michael Albinus To: Teemu Likonen Cc: 3712@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> Date: Mon, 29 Jun 2009 23:15:19 +0200 In-Reply-To: <8763eevosc.fsf@iki.fi> (Teemu Likonen's message of "Mon, 29 Jun 2009 22:10:59 +0300") Message-ID: <87ws6uzqqg.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Y-GMX-Trusted: 0 X-FuHaFi: 0.64 Teemu Likonen writes: > On 2009-06-29 18:16 (+0300), Teemu Likonen wrote: > >> When method /su: or /sudo: is used to _create_ a file the file's >> permission will be set to -rwxrwxrwx (777), [...] I've committed a fix, to both the trunk and the 23.1 branch. > This also happens when _editing_ an existing file because "backup by > renaming" will move the old file aside and the new version of file is > really creating a new file. > > So, if you want to give your /etc/passwd and /etc/shadow the -rwxrwxrwx > permissions just edit the files with tramp's /su or /sudo method while > having backup by renaming enabled. This I cannot reproduce. I have set `backup-by-copying' to nil. Backups of files under /sudo::... have the same permissions as the original file. Best regards, Michael. From tlikonen@iki.fi Mon Jun 29 15:01:31 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 29 Jun 2009 22:01:32 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-1.2 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from jenni1.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5TM1RLm015490 for <3712@emacsbugs.donarmstrong.com>; Mon, 29 Jun 2009 15:01:28 -0700 Received: from mithlond.arda.local (80.220.180.181) by jenni1.inet.fi (8.5.014) id 49F5976602491C75; Tue, 30 Jun 2009 01:01:26 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLOuf-0001ye-7V; Tue, 30 Jun 2009 01:01:21 +0300 From: Teemu Likonen To: Michael Albinus Cc: 3712@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method In-Reply-To: <87ws6uzqqg.fsf@gmx.de> (Michael Albinus's message of "Mon, 29 Jun 2009 23:15:19 +0200") References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> Date: Tue, 30 Jun 2009 01:01:21 +0300 Message-ID: <87d48mu2by.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On 2009-06-29 23:15 (+0200), Michael Albinus wrote: >> On 2009-06-29 18:16 (+0300), Teemu Likonen wrote: >>> When method /su: or /sudo: is used to _create_ a file the file's >>> permission will be set to -rwxrwxrwx (777), [...] > > I've committed a fix, to both the trunk and the 23.1 branch. Thanks. Otherwise OK but I don't like the fact that it gives executable bits (-rwxr-xr-x) by default. Normal behavior for new files is to drop umask bits _and_ executable bits. Executable must be added explicitly. From tlikonen@iki.fi Mon Jun 29 15:31:56 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 29 Jun 2009 22:31:57 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-1.2 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from kirsi1.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5TMVpxU020995 for <3712@emacsbugs.donarmstrong.com>; Mon, 29 Jun 2009 15:31:53 -0700 Received: from mithlond.arda.local (80.220.180.181) by kirsi1.inet.fi (8.5.014) id 49F6055A0246797B; Tue, 30 Jun 2009 01:31:51 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLPOA-00025i-3P; Tue, 30 Jun 2009 01:31:50 +0300 From: Teemu Likonen To: 3712@debbugs.gnu.org Cc: Michael Albinus Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method In-Reply-To: (Teemu Likonen's message of "Tue, 30 Jun 2009 01:01:21 +0300") References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> Date: Tue, 30 Jun 2009 01:31:50 +0300 Message-ID: <878wjau0x5.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On 2009-06-30 01:01 (+0300), Teemu Likonen wrote: > On 2009-06-29 23:15 (+0200), Michael Albinus wrote: > >>> On 2009-06-29 18:16 (+0300), Teemu Likonen wrote: >>>> When method /su: or /sudo: is used to _create_ a file the file's >>>> permission will be set to -rwxrwxrwx (777), [...] >> >> I've committed a fix, to both the trunk and the 23.1 branch. > > Thanks. Otherwise OK but I don't like the fact that it gives executable > bits (-rwxr-xr-x) by default. Normal behavior for new files is to drop > umask bits _and_ executable bits. Executable must be added explicitly. And when editing existing files it should obviously respect the bits that the file already has. Currently -- even with this fix -- tramp is adding "x" bits at some point because "backup by rename" moves old version out of the way and new is created with -rwxr-xr-x bits. From Michael.Albinus@alcatel-lucent.de Tue Jun 30 05:22:05 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 30 Jun 2009 12:22:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-3.7 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from mailrelay1.alcatel.de (mailrelay1.alcatel.de [194.113.59.95]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5UCM0VD000653 for <3712@emacsbugs.donarmstrong.com>; Tue, 30 Jun 2009 05:22:02 -0700 Received: from destgsu0048.stgl.sel.alcatel.de (destgsu0048.de.alcatel-lucent.com [149.204.242.4]) by mailrelay1.alcatel.de (8.13.8/8.13.8/ICT) with ESMTP id n5UCLsXU019862; Tue, 30 Jun 2009 14:21:54 +0200 Received: from slbhn1.alcatel.de (slbhn1.de.alcatel-lucent.com [149.204.90.35]) by destgsu0048.stgl.sel.alcatel.de (8.12.3/8.12.3) with ESMTP id n5UCLsY4005811; Tue, 30 Jun 2009 14:21:54 +0200 (MEST) From: Michael Albinus To: Teemu Likonen Cc: 3712@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> <878wjau0x5.fsf@iki.fi> Date: Tue, 30 Jun 2009 14:21:53 +0200 In-Reply-To: <878wjau0x5.fsf@iki.fi> (Teemu Likonen's message of "Tue, 30 Jun 2009 01:31:50 +0300") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.91 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Alcanet-virus-scanned: n5UCLsY4005811 at destgsu0048.stgl.sel.alcatel.de X-Scanned-By: MIMEDefang 2.57 on 149.204.45.72 Teemu Likonen writes: >> Thanks. Otherwise OK but I don't like the fact that it gives executable >> bits (-rwxr-xr-x) by default. Normal behavior for new files is to drop >> umask bits _and_ executable bits. Executable must be added explicitly. When creating a new file, Tramp uses Emacs' default file modes. You can check them with "M-: (default-file-modes)". If you want to change them, you could apply for example "M-: (set-default-file-modes #o0400)". The value is used then for all newly created files, also for local ones. > And when editing existing files it should obviously respect the bits > that the file already has. Currently -- even with this fix -- tramp is > adding "x" bits at some point because "backup by rename" moves old > version out of the way and new is created with -rwxr-xr-x bits. As I said already, I cannot reproduce it. However, there seems to be a small annoyance in special cases. I've fixed this. Could you, please, check, whether it is OK now for you? Best regards, Michael. From tlikonen@iki.fi Tue Jun 30 06:57:36 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 30 Jun 2009 13:57:36 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-1.2 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from jenni1.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5UDvVqo017212 for <3712@emacsbugs.donarmstrong.com>; Tue, 30 Jun 2009 06:57:32 -0700 Received: from mithlond.arda.local (80.220.180.181) by jenni1.inet.fi (8.5.014) id 49F59766024F1E48; Tue, 30 Jun 2009 16:57:27 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLdpu-0004Vi-R3; Tue, 30 Jun 2009 16:57:26 +0300 From: Teemu Likonen To: Michael Albinus Cc: 3712@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method In-Reply-To: (Michael Albinus's message of "Tue, 30 Jun 2009 14:21:53 +0200") References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> <878wjau0x5.fsf@iki.fi> Date: Tue, 30 Jun 2009 16:57:26 +0300 Message-ID: <871vp1bz95.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On 2009-06-30 14:21 (+0200), Michael Albinus wrote: > When creating a new file, Tramp uses Emacs' default file modes. You > can check them with "M-: (default-file-modes)". > > If you want to change them, you could apply for example "M-: > (set-default-file-modes #o0400)". The value is used then for all newly > created files, also for local ones. Hmm, I didn't know about those functions, thanks. And I compiled my Emacs with your recent changes too. I still don't like the default difference between creating a file as a normal user or through /su: or /sudo:. Here's again an example starting from command umask 0022; emacs -Q When I create a file without Tramp (C-x C-f ~/test.txt RET) to my home directory it gets bits 0644. When I create a file through Tramp to /sudo::/root/test.txt it gets bits 0755 (i.e. with executable bits). In both cases Emacs's default-file-modes is the same, the untouched default which is #o755. In fact, all the settings are the same. I'm not sure where this difference should be fixed but from user's point of view the Tramp part brings the unexpected end result. It's unexpected because no other programs create new executable files by default, even when umask doesn't mask executable bits. I appreciate your hint about set-default-file-modes, and I'll use it if necessary, but in my opinion user shouldn't need to run (set-default-file-modes #o0644) in her ~/.emacs just because she wants Tramp to behave similarly to her umask=0022 settings. Instead, the similar behavior should be the default. >> And when editing existing files it should obviously respect the bits >> that the file already has. Currently -- even with this fix -- tramp >> is adding "x" bits at some point because "backup by rename" moves old >> version out of the way and new is created with -rwxr-xr-x bits. > > As I said already, I cannot reproduce it. However, there seems to be a > small annoyance in special cases. I've fixed this. Could you, please, > check, whether it is OK now for you? I could reproduce it before but it seems that not anymore with your newest changes. If you want clear steps how to reproduce it I can inspect the issue more closely. Anyway, thanks for your work on Tramp and Emacs! :-) From Michael.Albinus@alcatel-lucent.de Tue Jun 30 08:34:38 2009 Received: (at 3712) by emacsbugs.donarmstrong.com; 30 Jun 2009 15:34:38 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-3.4 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from mailrelay1.alcatel.de (mailrelay1.alcatel.de [194.113.59.95]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5UFYXj1001767 for <3712@emacsbugs.donarmstrong.com>; Tue, 30 Jun 2009 08:34:35 -0700 Received: from destgsu0048.stgl.sel.alcatel.de (destgsu0048.de.alcatel-lucent.com [149.204.242.4]) by mailrelay1.alcatel.de (8.13.8/8.13.8/ICT) with ESMTP id n5UFYSnr004424; Tue, 30 Jun 2009 17:34:28 +0200 Received: from slbhn1.alcatel.de (slbhn1.de.alcatel-lucent.com [149.204.90.35]) by destgsu0048.stgl.sel.alcatel.de (8.12.3/8.12.3) with ESMTP id n5UFYRY4009484; Tue, 30 Jun 2009 17:34:27 +0200 (MEST) From: Michael Albinus To: Teemu Likonen Cc: 3712@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> <878wjau0x5.fsf@iki.fi> <871vp1bz95.fsf@iki.fi> Date: Tue, 30 Jun 2009 17:34:27 +0200 In-Reply-To: <871vp1bz95.fsf@iki.fi> (Teemu Likonen's message of "Tue, 30 Jun 2009 16:57:26 +0300") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.91 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Alcanet-virus-scanned: n5UFYRY4009484 at destgsu0048.stgl.sel.alcatel.de X-Scanned-By: MIMEDefang 2.57 on 149.204.45.72 Teemu Likonen writes: > I'm not sure where this difference should be fixed but from user's point > of view the Tramp part brings the unexpected end result. It's unexpected > because no other programs create new executable files by default, even > when umask doesn't mask executable bits. OK, you've convinced me. Execution bits are removed now for newly created remote files. >> As I said already, I cannot reproduce it. However, there seems to be a >> small annoyance in special cases. I've fixed this. Could you, please, >> check, whether it is OK now for you? > > I could reproduce it before but it seems that not anymore with your > newest changes. If you want clear steps how to reproduce it I can > inspect the issue more closely. If it works also for you it is OK for me. > Anyway, thanks for your work on Tramp and Emacs! :-) Best regards, Michael. From tlikonen@iki.fi Tue Jun 30 09:36:38 2009 Received: (at 3712-done) by emacsbugs.donarmstrong.com; 30 Jun 2009 16:36:38 +0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02 (2008-06-10) on rzlab.ucr.edu X-Spam-Level: X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available. hammytokens:Tokens not available. X-Spam-Status: No, score=-1.2 required=4.0 tests=AWL,HAS_BUG_NUMBER, IMPRONONCABLE_1,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,SARE_SUB_6CONS_WORD, SARE_SUB_9CONS_WORD autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02 Received: from jenni2.inet.fi (mta-out.inet.fi [195.156.147.13]) by rzlab.ucr.edu (8.14.3/8.14.3/Debian-5) with ESMTP id n5UGaYWL012879 for <3712-done@emacsbugs.donarmstrong.com>; Tue, 30 Jun 2009 09:36:35 -0700 Received: from mithlond.arda.local (80.220.180.181) by jenni2.inet.fi (8.5.014) id 49F5CB64024BEFF0; Tue, 30 Jun 2009 19:36:33 +0300 Received: from dtw by mithlond.arda.local with local (Exim 4.69) (envelope-from ) id 1MLgJs-0003Op-Ew; Tue, 30 Jun 2009 19:36:32 +0300 From: Teemu Likonen To: Michael Albinus Cc: 3712-done@debbugs.gnu.org Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method In-Reply-To: (Michael Albinus's message of "Tue, 30 Jun 2009 17:34:27 +0200") References: <87ljnbax4h.fsf@iki.fi> <8763eevosc.fsf@iki.fi> <87ws6uzqqg.fsf@gmx.de> <878wjau0x5.fsf@iki.fi> <871vp1bz95.fsf@iki.fi> Date: Tue, 30 Jun 2009 19:36:32 +0300 Message-ID: <878wj9fzlb.fsf@iki.fi> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On 2009-06-30 17:34 (+0200), Michael Albinus wrote: > OK, you've convinced me. Execution bits are removed now for newly > created remote files. > If it works also for you it is OK for me. It seems to work perfectly now. Huge thanks! I'm happy to close this bug. From unknown Fri Aug 15 14:48:44 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: $requester Subject: Internal Control Message-Id: bug archived. Date: Wed, 29 Jul 2009 14:24:10 +0000 User-Agent: Fakemail v42.6.9 # A New Hope # A log time ago, in a galaxy far, far away # something happened. # # Magically this resulted in the following # action being taken, but this fake control # message doesn't tell you why it happened # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator