From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Christian Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 16:48:04 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: 8391@debbugs.gnu.org X-Debbugs-Original-To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.130159005121105 (code B ref -1); Thu, 31 Mar 2011 16:48:04 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 16:47:31 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5L1t-0005UM-Ml for submit@debbugs.gnu.org; Thu, 31 Mar 2011 12:47:30 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5Dkj-0002iF-Hu for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5Dkd-0008Fa-68 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:12 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:55406) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5Dkb-0008E3-CK for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:11 -0400 Received: from [140.186.70.92] (port=48642 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5DkQ-0006yz-2g for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:01:01 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5DkL-000890-VA for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:00:54 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:43654) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5DkL-00088R-Ky for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:00:53 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id 58D901902 for ; Thu, 31 Mar 2011 11:00:51 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PwVsmxQi12KP for ; Thu, 31 Mar 2011 09:00:47 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id 821259BB for ; Thu, 31 Mar 2011 11:00:47 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id 63E0A942 for ; Thu, 31 Mar 2011 11:01:08 +0200 (CEST) Message-ID: <4D9442D4.6040409@computersalat.de> Date: Thu, 31 Mar 2011 11:01:08 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-Mailman-Approved-At: Thu, 31 Mar 2011 12:47:28 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Why can I only use symbolic modes for clearing ? ----snip chmod(1) --- and you can set (but not clear) the bits with a numeric mode. ----snip chmod(1) --- isn't "chmod 0755 DIR" explicit enough ? Cheer --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 17:30:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Christian Cc: 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.130159257524836 (code B ref 8391); Thu, 31 Mar 2011 17:30:03 +0000 Received: (at 8391) by debbugs.gnu.org; 31 Mar 2011 17:29:35 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5Lgb-0006SW-DS for submit@debbugs.gnu.org; Thu, 31 Mar 2011 13:29:33 -0400 Received: from mx1.redhat.com ([209.132.183.28]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5LgZ-0006SK-8k for 8391@debbugs.gnu.org; Thu, 31 Mar 2011 13:29:32 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p2VHTKiT012624 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 31 Mar 2011 13:29:21 -0400 Received: from [10.3.113.87] (ovpn-113-87.phx2.redhat.com [10.3.113.87]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p2VHTJYt001444; Thu, 31 Mar 2011 13:29:19 -0400 Message-ID: <4D94B9EF.1010607@redhat.com> Date: Thu, 31 Mar 2011 11:29:19 -0600 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> In-Reply-To: <4D9442D4.6040409@computersalat.de> X-Enigmail-Version: 1.1.2 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig03E67F44625FFBA8661D20BD" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Spam-Score: -10.3 (----------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -10.3 (----------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig03E67F44625FFBA8661D20BD Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/31/2011 03:01 AM, Christian wrote: > Why can I only use symbolic modes for clearing ? >=20 > ----snip chmod(1) --- > and you can set (but not clear) the bits with a numeric mode. > ----snip chmod(1) --- >=20 > isn't "chmod 0755 DIR" explicit enough ? Thanks for the report. However, this is not a bug. POSIX states: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/chmod.html "For an octal integer mode operand, the file mode bits shall be set absolutely. "For each bit set in the octal number, the corresponding file permission bit shown in the following table shall be set; all other file permission bits shall be cleared. For regular files, for each bit set in the octal number corresponding to the set-user-ID-on-execution or the set-group-ID-on-execution, bits shown in the following table shall be set; if these bits are not set in the octal number, they are cleared. For other file types, it is implementation-defined whether or not requests to set or clear the set-user-ID-on-execution or set-group-ID-on-execution bits are honored." A directory is not a regular file. Therefore, it is implementation-defined whether the S_ISUID and S_ISGID bits are cleared, and we have chosen to define that they are not cleared (accidentally removing the sticky bit of a directory when you only meant to change access permissions is a security hole). --=20 Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org --------------enig03E67F44625FFBA8661D20BD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNlLnvAAoJEKeha0olJ0NqF4sIAJTUgxOsG8/KFwPDwzZVb8if Po83XrGWzuYN+CTk43PPVcaLwpe8rEu5X2RoBwUUytMrCD5rqs+KLzeDz76t+B/B lGlFrwcBAYovpBzCvj4BNfISWOqT10rkSvP2zSTTIQnYPQGRiBZZLTgPa7A3Hpge DYflRMCI4q9E5rLpa2vRdvJRaSKahoTyLJbGcHmRyzRzhMwfOsgTDvzm/h32+u3X YGbv3jBdmQa7jleiowlRaTHLMNbX+0dprFbVk3knEk4spkRumAT8TQX41MqJHxEw /EkJVqVMGdmpp6gQwyr8KioBPbsJpY/cVKFME5bIXxwnIbsDPn555On0P/zcqwI= =2X8E -----END PGP SIGNATURE----- --------------enig03E67F44625FFBA8661D20BD-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Christian Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 18:26:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.1301595925335 (code B ref -1); Thu, 31 Mar 2011 18:26:02 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 18:25:25 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5MYe-00005M-M3 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:25:24 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5MYc-00005B-LD for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:25:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5MYW-0002uA-8Q for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:25:17 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:53384) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5MYW-0002ty-5K for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:25:16 -0400 Received: from [140.186.70.92] (port=44093 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5MYU-0004Cw-1W for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:25:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5MYS-0002tG-5d for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:25:13 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:57481) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5MYR-0002sv-OH for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:25:12 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id 756871902 for ; Thu, 31 Mar 2011 20:25:09 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TMbSmlA64EJB for ; Thu, 31 Mar 2011 18:25:07 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id 821D61866 for ; Thu, 31 Mar 2011 20:25:07 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id 8907BB30 for ; Thu, 31 Mar 2011 20:25:28 +0200 (CEST) Message-ID: <4D94C718.5080000@computersalat.de> Date: Thu, 31 Mar 2011 20:25:28 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> In-Reply-To: <4D94B9EF.1010607@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Hi Eric, Am 31.03.2011 19:29, schrieb Eric Blake: > On 03/31/2011 03:01 AM, Christian wrote: >> Why can I only use symbolic modes for clearing ? >> >> ----snip chmod(1) --- >> and you can set (but not clear) the bits with a numeric mode. >> ----snip chmod(1) --- >> >> isn't "chmod 0755 DIR" explicit enough ? > Thanks for the report. However, this is not a bug. POSIX states: > http://pubs.opengroup.org/onlinepubs/9699919799/utilities/chmod.html I did not told it a bug, yet ;) I agree that having drwxr-sr-x 2 root root 48 2011-03-31 18:13 tmp/ and doing a "chmod 755" would have removed the s-gid-bit in the past. e.g.: hv-gate:~/test # chmod -v 755 tmp/ Modus von =E2=80=9Etmp/=E2=80=9C nach 0755 (rwxr-xr-x) ge=C3=A4ndert and I agree that this should not happen. but: when I want to remove the s-gid-bit it should be possible to do a chmod 0755 tmp and not to be forced to the "same" but more complicated version chmod g=3Drx-s tmp IMHO for removing s-gid-bit from drwxr-sr-x 2 root root 48 2011-03-31 18:13 tmp/ "u=3Drwx,g=3Drx-s,o=3Drx" =3D=3D "0755" and using "0755" is explicit enough, isn't it ? Cheers --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 18:55:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Christian Cc: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13015976882883 (code B ref -1); Thu, 31 Mar 2011 18:55:02 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 18:54:48 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5N15-0000kS-QK for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:54:48 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5N13-0000kG-1B for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:54:46 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5N0x-0000Qn-FG for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:54:40 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:40851) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5N0x-0000Qj-DV for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:54:39 -0400 Received: from [140.186.70.92] (port=54928 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5N0w-0004Ea-Oa for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:54:39 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5N0v-0000Po-NP for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:54:38 -0400 Received: from smtp.cs.ucla.edu ([131.179.128.62]:38685) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5N0v-0000Mc-IH for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:54:37 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 94EC839E80F0; Thu, 31 Mar 2011 11:54:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OlhJx+ksnBdS; Thu, 31 Mar 2011 11:54:26 -0700 (PDT) Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 9B56839E8083; Thu, 31 Mar 2011 11:54:26 -0700 (PDT) Message-ID: <4D94CDE2.4090003@cs.ucla.edu> Date: Thu, 31 Mar 2011 11:54:26 -0700 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> In-Reply-To: <4D94C718.5080000@computersalat.de> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -4.9 (----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -4.9 (----) On 03/31/2011 11:25 AM, Christian wrote: > and using "0755" is explicit enough, isn't it ? Unfortunately it's not that simple, as having 0755 mean something different from 755 would violate the principle of least surprise. Please see the thread starting at . From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 19:00:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Christian Cc: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13015979793336 (code B ref -1); Thu, 31 Mar 2011 19:00:03 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 18:59:39 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5N5k-0000rg-Hv for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:59:38 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5N5h-0000rS-6f for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:59:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5N5b-0001Mi-E5 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:59:28 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:40564) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5N5b-0001MZ-7n for submit@debbugs.gnu.org; Thu, 31 Mar 2011 14:59:27 -0400 Received: from [140.186.70.92] (port=44272 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5N5a-0006PZ-86 for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:59:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5N5Y-0001Lx-Pu for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:59:26 -0400 Received: from mx1.redhat.com ([209.132.183.28]:22429) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5N5Y-0001Li-FJ for bug-coreutils@gnu.org; Thu, 31 Mar 2011 14:59:24 -0400 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p2VIxLaO013674 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 31 Mar 2011 14:59:21 -0400 Received: from [10.3.113.87] (ovpn-113-87.phx2.redhat.com [10.3.113.87]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p2VIxKM0022485; Thu, 31 Mar 2011 14:59:20 -0400 Message-ID: <4D94CF07.5010108@redhat.com> Date: Thu, 31 Mar 2011 12:59:19 -0600 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> In-Reply-To: <4D94C718.5080000@computersalat.de> X-Enigmail-Version: 1.1.2 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enigEF9C589A1AD3F7C2B062F4D3" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -7.9 (-------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.9 (-------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigEF9C589A1AD3F7C2B062F4D3 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/31/2011 12:25 PM, Christian wrote: > IMHO > for removing s-gid-bit from > drwxr-sr-x 2 root root 48 2011-03-31 18:13 tmp/ > "u=3Drwx,g=3Drx-s,o=3Drx" =3D=3D "0755" >=20 > and using "0755" is explicit enough, isn't it ? No, because not everyone realizes that chmod takes octal automatically, and they might have intended the leading 0 to mean octal without actually affecting 07000. But perhaps "00755" is explicit enough. I think this has been discussed on the list in the distant past, although I don't have time to dig up references right now. --=20 Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org --------------enigEF9C589A1AD3F7C2B062F4D3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNlM8HAAoJEKeha0olJ0NqnbMIAKQiWNXHMzAXojinpkkGnhvq U4pgonwYy/xdY1neLEOwi0BeRrvtHuzUpEXsmzad6C+eMVz0mSAI5IJLGt3vfMiJ FScn6sa3wBhAzFZzvnY4W+sLwxPjRBtiBxd6M962Gs24UlVBwr7l3EAl3DGDZHcW WkXKXOAohAa/ZYYhZuyLYEWPSrWR0IicxjgdAeJth8PI89k6xGF3I9C3p3wn4XTa eRoT7o03OVXj9zZZKMPDJ9LD84gB/F1gBybhcd9nFVRvlldByZBf6m4/fa2U0lDi fRPIExDxuHCcN2akZ+Rm4s/AvW/TOJwivTMxIrVkAmnZZdDp+HiLXBAV/9CXo+M= =DGd3 -----END PGP SIGNATURE----- --------------enigEF9C589A1AD3F7C2B062F4D3-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 19:17:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: Christian , bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13015989674738 (code B ref -1); Thu, 31 Mar 2011 19:17:01 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 19:16:07 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5NLj-0001EN-0D for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:16:07 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5NLe-0001Dq-2q for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:16:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5NLX-0003w8-RQ for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:15:56 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:37499) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5NLX-0003w4-P6 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:15:55 -0400 Received: from [140.186.70.92] (port=54984 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5NLW-0006ug-OJ for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:15:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5NLV-0003vi-CE for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:15:54 -0400 Received: from mx1.redhat.com ([209.132.183.28]:20019) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5NLV-0003vY-27 for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:15:53 -0400 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p2VJFgkm022107 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 31 Mar 2011 15:15:42 -0400 Received: from [10.3.113.87] (ovpn-113-87.phx2.redhat.com [10.3.113.87]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p2VJFgIi029295; Thu, 31 Mar 2011 15:15:42 -0400 Message-ID: <4D94D2DD.60701@redhat.com> Date: Thu, 31 Mar 2011 13:15:41 -0600 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> In-Reply-To: <4D94CDE2.4090003@cs.ucla.edu> X-Enigmail-Version: 1.1.2 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig79A8F4475B8212DCAC33CA8F" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -7.9 (-------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.9 (-------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig79A8F4475B8212DCAC33CA8F Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/31/2011 12:54 PM, Paul Eggert wrote: > On 03/31/2011 11:25 AM, Christian wrote: >> and using "0755" is explicit enough, isn't it ? >=20 > Unfortunately it's not that simple, as having 0755 mean > something different from 755 would violate the principle > of least surprise. Please see the thread starting at > = =2E Oddly enough, I see that my proposal for an explicit 00755: http://lists.gnu.org/archive/html/bug-coreutils/2006-07/msg00130.html came up back then as well, but without any action yet. ;) --=20 Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org --------------enig79A8F4475B8212DCAC33CA8F Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNlNLdAAoJEKeha0olJ0NqOGMH/RR448SWer9O4FFplYbVHLVU 0DENy9miwwTdA9tiNM52vRZ4AHsNcn2j5SC+yW2gX28jKn93pY8L5LRcZey6uUeI ZZOKgJXAOb33qAIY3iaBfLqwSyZSmHkHFhOsLjLnxSHeVfKv1DuBxxy0j9gcwdPz CLzuP8XBMAd0CW9jRWgWZbg/8Gn835qe9x/954N8PqApjsQZkQBQo/fcExn0gnqq Tp1n1EeUQEZdMKxl398Mg2JsxR9EZ5jADsy3R73YM6L6bF1HkGrn5+J3sZdStmOk njzWChdnhltn+QcfOzHIcwHZ5+/wR+2BThuRcHwFv9JzbX4eo1yqsl44+L+ritA= =kd/h -----END PGP SIGNATURE----- --------------enig79A8F4475B8212DCAC33CA8F-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Christian Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 19:59:06 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13016015348357 (code B ref -1); Thu, 31 Mar 2011 19:59:06 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 19:58:54 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5O15-0002Ak-6w for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:58:51 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5O0x-0002AN-2g for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:58:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5O0r-0004Am-5c for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:58:37 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:53852) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5O0q-0004Aa-Py for submit@debbugs.gnu.org; Thu, 31 Mar 2011 15:58:37 -0400 Received: from [140.186.70.92] (port=46287 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5O0p-0007bK-Ia for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:58:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5O0o-0004AC-G8 for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:58:35 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:58806) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5O0o-00049o-7z for bug-coreutils@gnu.org; Thu, 31 Mar 2011 15:58:34 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id 89DDF9D2 for ; Thu, 31 Mar 2011 21:58:31 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s4yJbevzNO8C for ; Thu, 31 Mar 2011 19:58:30 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id 11A01785 for ; Thu, 31 Mar 2011 21:58:30 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id 2C819B30 for ; Thu, 31 Mar 2011 21:58:51 +0200 (CEST) Message-ID: <4D94DCFA.8000306@computersalat.de> Date: Thu, 31 Mar 2011 21:58:50 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> In-Reply-To: <4D94CDE2.4090003@cs.ucla.edu> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Hi Paul, Am 31.03.2011 20:54, schrieb Paul Eggert: > On 03/31/2011 11:25 AM, Christian wrote: >> and using "0755" is explicit enough, isn't it ? > Unfortunately it's not that simple, as having 0755 mean > something different from 755 would violate the principle > of least surprise. Please see the thread starting at > = . I read it and I came to the conclusion 755 should preserve s-bit: OK 2755 sould set sbit. OK 0755 should remove sbit, cause it is explicit wanted. and not doing so is a "lemming behaviour". noone considered that perhaps solaris behaves wrong. Kind Regards --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 20:16:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Christian Cc: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13016025559772 (code B ref -1); Thu, 31 Mar 2011 20:16:01 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 20:15:55 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5OHa-0002XZ-QV for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:15:55 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5OHW-0002XL-TV for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:15:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5OHQ-0006gr-EM for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:15:45 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:51107) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5OHQ-0006gn-Bv for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:15:44 -0400 Received: from [140.186.70.92] (port=54532 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5OHP-0008Ho-2Y for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:15:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5OHN-0006gY-TX for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:15:42 -0400 Received: from mx1.redhat.com ([209.132.183.28]:18438) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5OHN-0006gM-II for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:15:41 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p2VKFbHv005176 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 31 Mar 2011 16:15:38 -0400 Received: from [10.3.113.87] (ovpn-113-87.phx2.redhat.com [10.3.113.87]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p2VKFbEO026908; Thu, 31 Mar 2011 16:15:37 -0400 Message-ID: <4D94E0E8.8070201@redhat.com> Date: Thu, 31 Mar 2011 14:15:36 -0600 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> In-Reply-To: <4D94DCFA.8000306@computersalat.de> X-Enigmail-Version: 1.1.2 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig3009C2DA04929526B481CE0B" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -7.9 (-------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.9 (-------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig3009C2DA04929526B481CE0B Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/31/2011 01:58 PM, Christian wrote: > Hi Paul, >=20 > Am 31.03.2011 20:54, schrieb Paul Eggert: >> On 03/31/2011 11:25 AM, Christian wrote: >>> and using "0755" is explicit enough, isn't it ? >> Unfortunately it's not that simple, as having 0755 mean >> something different from 755 would violate the principle >> of least surprise. Please see the thread starting at >> . > I read it and I came to the conclusion > 755 should preserve s-bit: OK > 2755 sould set sbit. OK > 0755 should remove sbit, cause it is explicit wanted. > and not doing so is a "lemming behaviour". No, 0755 is not explicit - it is ambiguous with people that are explicitly using printf %#3o to output a 3-digit octal string with leading 0 - I don't think we can change this. But my suggestion of 00755 _is_ explicit - after taking off the leading 0 for specifying octal, you are _still_ left with four octal digits which includes the sticky bit explicitly being set to 0. > noone considered that perhaps solaris behaves wrong. No, that earlier thread already came to the conclusion that it's pretty much a mine field out there, and that Solaris was probably the most consistent when compared to other implementations, but not necessarily the most intuitive. That thread also concluded that the best GNU could do was come up with rules (which you summarized) enforced by a gnulib module (so that all gnulib clients share the same rules consistently) as well as documented in the coreutils info manual. I also don't know how many of the implementations are technically right - POSIX allows a wide range of acceptable behavior, but did require that the particular behavior used be documented (not like anyone wants to read documentation for multiple implementations to compare them to see where things will go different). But if other implementations don't document what they do, then they are wrong no matter how you look at it, even if they can justify their behavior under a typical work flow. --=20 Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org --------------enig3009C2DA04929526B481CE0B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNlODoAAoJEKeha0olJ0NqM18H/3Vd9iTlm40OXlH2ndxsPByl FFVbG/yfPs0EW3MZKlSuN0ZrPoJqjtIgHHysaQHoQ7AvdtzpFVea7sYiOmBpIFED zz901T4OLXRPgToxaJ6MMW27xHvUmDYRLSAe2s4JlyfxOS14n9l6EOEP+CMSVFa9 BME4ZXaea50OB3h3mIqdJi4/16f8BGp591agI9TStro+D+gWYk8W7up7G/mNZ3bP EWdNkLhxH88RDg32xwImV+CAFDm3mgUHvUnne+/r+aiHSCNWdsIN99VNLDpmWHPo OilGr1Y53h/ms1uO2+6+75zzv5CQdSajuGc/SNl3n8KX+WWDOcoS6AB+xCM5lJk= =lXfr -----END PGP SIGNATURE----- --------------enig3009C2DA04929526B481CE0B-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Christian Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 20:59:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.130160512613350 (code B ref -1); Thu, 31 Mar 2011 20:59:01 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 20:58:46 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5Ox4-0003TH-4q for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:58:46 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5Owx-0003T0-W5 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:58:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5Ows-0005Sn-AU for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:58:34 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:50250) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5Ows-0005Sj-8W for submit@debbugs.gnu.org; Thu, 31 Mar 2011 16:58:34 -0400 Received: from [140.186.70.92] (port=35674 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5Owq-0000n0-UW for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:58:34 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5Owp-0005SG-Sm for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:58:32 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:53140) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5Owp-0005S0-G9 for bug-coreutils@gnu.org; Thu, 31 Mar 2011 16:58:31 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id 698FB1855 for ; Thu, 31 Mar 2011 22:58:28 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0Sy9SIq4QIF2 for ; Thu, 31 Mar 2011 20:58:27 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id 898BD9D7 for ; Thu, 31 Mar 2011 22:58:27 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id 88A45B30 for ; Thu, 31 Mar 2011 22:58:48 +0200 (CEST) Message-ID: <4D94EB08.2030009@computersalat.de> Date: Thu, 31 Mar 2011 22:58:48 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> In-Reply-To: <4D94E0E8.8070201@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Hi > No, 0755 is not explicit - it is ambiguous with people that are > explicitly using printf %#3o to output a 3-digit octal string with > leading 0 - I don't think we can change this. > > But my suggestion of 00755 _is_ explicit - after taking off the leading 00755 is working here. I can live with that :) > 0 for specifying octal, you are _still_ left with four octal digits > which includes the sticky bit explicitly being set to 0. Thank you Cheers --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Thu, 31 Mar 2011 21:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: Cc: Christian , bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.130160564214074 (code B ref -1); Thu, 31 Mar 2011 21:08:02 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 21:07:22 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5P5N-0003ex-JV for submit@debbugs.gnu.org; Thu, 31 Mar 2011 17:07:21 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5P5J-0003eh-JX for submit@debbugs.gnu.org; Thu, 31 Mar 2011 17:07:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5P5D-0006fJ-9U for submit@debbugs.gnu.org; Thu, 31 Mar 2011 17:07:12 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-5.9 required=5.0 tests=BAYES_00,MISSING_HEADERS, RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:51501) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5P5D-0006fF-6z for submit@debbugs.gnu.org; Thu, 31 Mar 2011 17:07:11 -0400 Received: from [140.186.70.92] (port=55572 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5P5C-0006vl-3w for bug-coreutils@gnu.org; Thu, 31 Mar 2011 17:07:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5P5A-0006ee-SC for bug-coreutils@gnu.org; Thu, 31 Mar 2011 17:07:10 -0400 Received: from mx1.redhat.com ([209.132.183.28]:50663) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5P5A-0006eY-Gx for bug-coreutils@gnu.org; Thu, 31 Mar 2011 17:07:08 -0400 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p2VL74g0007832 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 31 Mar 2011 17:07:04 -0400 Received: from [10.3.113.87] (ovpn-113-87.phx2.redhat.com [10.3.113.87]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id p2VL74t6027984; Thu, 31 Mar 2011 17:07:04 -0400 Message-ID: <4D94ECF7.7060007@redhat.com> Date: Thu, 31 Mar 2011 15:07:03 -0600 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> In-Reply-To: <4D94E0E8.8070201@redhat.com> X-Enigmail-Version: 1.1.2 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig57BEFB6E02BFAB65B66DEA93" X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -7.3 (-------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.2 (-------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig57BEFB6E02BFAB65B66DEA93 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/31/2011 02:15 PM, Eric Blake wrote: > I also don't know how many of the implementations are technically right= > - POSIX allows a wide range of acceptable behavior, but did require tha= t > the particular behavior used be documented (not like anyone wants to > read documentation for multiple implementations to compare them to see > where things will go different). But if other implementations don't > document what they do, then they are wrong no matter how you look at it= , > even if they can justify their behavior under a typical work flow. Also note that there is a difference between POSIX requirements: chmod 755 file - must clear setgid bit chmod 2755 file - must set setgid bit chmod 755 dir - may leave setgid bit set chmod 2755 dir - may leave setgid bit clear because POSIX is explicit that regular files treat the octal argument literally for all 12 bits, but that all other file types are implementation-defined on the effect on the top 3 bits. --=20 Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org --------------enig57BEFB6E02BFAB65B66DEA93 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNlOz3AAoJEKeha0olJ0Nq3A8H/0Q1zqa336Xhc7EjWVpFLvND tbYbMgnnKjs/46veDV+XF4AaoqpthwuzAeJXFi5IhlKP1rQKT5qLZ8N59I2NyiTd F7qVTb3WS5N1aRvH7KlBEY8wGRLh70zYBBjWVJ6+5mhOvqtRfo95Xt/AnzhJ9DV3 UoJxscOhDF6/CK0EdPx58MsjHu3+EWr8a/MvBCaOgW18VKaetVsNYAo3eW6YB3MY iHWRyYLUEIReBGryBzgzRA8qRRMoXtpSXYgBchuEGFTBTwh3ocyULJBF48AsZBWf tR8kfABpNpYCJztWcrAnMbk7gJ/6tGtbPUzvU9z9OYQvbr5yVX4ddgNXCsbgsDI= =PNtg -----END PGP SIGNATURE----- --------------enig57BEFB6E02BFAB65B66DEA93-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Erik Auerswald Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 01 Apr 2011 09:12:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: Christian , bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13016490799718 (code B ref -1); Fri, 01 Apr 2011 09:12:01 +0000 Received: (at submit) by debbugs.gnu.org; 1 Apr 2011 09:11:19 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aNz-0002Wh-BY for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:11:19 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aNx-0002WV-Eq for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:11:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aNr-0002WA-Cy for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:11:12 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:43365) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aNr-0002W6-Ae for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:11:11 -0400 Received: from [140.186.70.92] (port=41710 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5aNo-0002Z6-Ie for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:11:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aNn-0002VG-8C for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:11:08 -0400 Received: from mailgw1.uni-kl.de ([131.246.120.220]:49418) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aNm-0002Ty-Tg for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:11:07 -0400 Received: from sushi.unix-ag.uni-kl.de (sushi.unix-ag.uni-kl.de [IPv6:2001:638:208:ef34:0:ff:fe00:65]) by mailgw1.uni-kl.de (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p319AkXd000360 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 1 Apr 2011 11:10:46 +0200 Received: from sushi.unix-ag.uni-kl.de (ip6-localhost [IPv6:::1]) by sushi.unix-ag.uni-kl.de (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p319Ak8e013607 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 1 Apr 2011 11:10:46 +0200 Received: (from auerswal@localhost) by sushi.unix-ag.uni-kl.de (8.14.3/8.14.3/Submit) id p319AjCF013606; Fri, 1 Apr 2011 11:10:45 +0200 Date: Fri, 1 Apr 2011 11:10:45 +0200 From: Erik Auerswald Message-ID: <20110401091045.GB12798@sushi.unix-ag.uni-kl.de> Mail-Followup-To: Erik Auerswald , Paul Eggert , Christian , bug-coreutils@gnu.org References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4D94CDE2.4090003@cs.ucla.edu> User-Agent: Mutt/1.5.18 (2008-05-17) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.5 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.5 (------) Hi, On Thu, Mar 31, 2011 at 11:54:26AM -0700, Paul Eggert wrote: > On 03/31/2011 11:25 AM, Christian wrote: > > and using "0755" is explicit enough, isn't it ? > > Unfortunately it's not that simple, as having 0755 mean > something different from 755 would violate the principle > of least surprise. I am very surprised that explicitly specifying 0 for SUID, SGID, sticky is silently ignored. > Please see the thread starting at > . Quoting from that message: > set-user-ID and set-group-ID bits instead of clearing them. If > you want to clear the bits you can mention them explicitly, e.g., > `chmod 0755 DIR' and `chmod a-s,u=rwx,go=rx DIR'. ^^^^^^^^^^^^^^ How could one be more explicit? Paul Eggert seemed to agree: > However, I would argue that this is more confusing than > what we've got right now, since "chmod 0755 DIR" clearly requests to > clear the setgid bit. Jim Meyering disagreed: > Treating that leading '0' as significant violates the principle of > least surprise. Not to say that everyone who uses chmod(1) even knows > what an octal number is, but enough of us are used to that leading zero > being insignificant that I think it should remain negligible. > [...] > To me, it's not a clear request to clear the setgid bit. Eric Blake suggested a weird looking (to me anyway ;) solution: > Should we document "chmod 00500 dir" as an explicit way to clear the > bit, or just require a textual mode string? Furthermore, it was found that vendor's implementations of chmod surprise in different ways. I'd suggest adding a warning if chmod (and possibly other utils) encounter an octal mode number with leading 0, as that might mean 'octal' or 'zero'. I'd definitely prefer interpreting the leading 0 as a zero for the SUID/SGID/sticky bits, but coreutil's viewpoint obviuosly differs... Regards, Erik -- If you don't know what you are doing, advance designs will not help. -- Eric Allman From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Erik Auerswald Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 01 Apr 2011 09:17:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Eric Blake Cc: Christian , bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.130164941210183 (code B ref -1); Fri, 01 Apr 2011 09:17:01 +0000 Received: (at submit) by debbugs.gnu.org; 1 Apr 2011 09:16:52 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aTL-0002eC-MZ for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:16:51 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aTJ-0002dz-Ve for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:16:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aTD-0003y3-R9 for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:16:44 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:43592) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aTD-0003xz-P5 for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:16:43 -0400 Received: from [140.186.70.92] (port=40946 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5aTA-0006iQ-QR for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:16:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aT9-0003xZ-M3 for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:16:40 -0400 Received: from mailgw1.uni-kl.de ([131.246.120.220]:45486) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aT9-0003x8-Aw for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:16:39 -0400 Received: from sushi.unix-ag.uni-kl.de (sushi.unix-ag.uni-kl.de [IPv6:2001:638:208:ef34:0:ff:fe00:65]) by mailgw1.uni-kl.de (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p319GaMJ004091 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 1 Apr 2011 11:16:36 +0200 Received: from sushi.unix-ag.uni-kl.de (ip6-localhost [IPv6:::1]) by sushi.unix-ag.uni-kl.de (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p319GaOC013788 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 1 Apr 2011 11:16:36 +0200 Received: (from auerswal@localhost) by sushi.unix-ag.uni-kl.de (8.14.3/8.14.3/Submit) id p319Gaws013787; Fri, 1 Apr 2011 11:16:36 +0200 Date: Fri, 1 Apr 2011 11:16:36 +0200 From: Erik Auerswald Message-ID: <20110401091636.GC12798@sushi.unix-ag.uni-kl.de> Mail-Followup-To: Erik Auerswald , Eric Blake , Christian , bug-coreutils@gnu.org References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4D94E0E8.8070201@redhat.com> User-Agent: Mutt/1.5.18 (2008-05-17) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.5 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.5 (------) Hi, On Thu, Mar 31, 2011 at 02:15:36PM -0600, Eric Blake wrote: > On 03/31/2011 01:58 PM, Christian wrote: > > Am 31.03.2011 20:54, schrieb Paul Eggert: > >> On 03/31/2011 11:25 AM, Christian wrote: > >>> and using "0755" is explicit enough, isn't it ? > >> Unfortunately it's not that simple, as having 0755 mean > >> something different from 755 would violate the principle > >> of least surprise. Please see the thread starting at > >> . > > I read it and I came to the conclusion > > 755 should preserve s-bit: OK > > 2755 sould set sbit. OK > > 0755 should remove sbit, cause it is explicit wanted. > > and not doing so is a "lemming behaviour". > > No, 0755 is not explicit - it is ambiguous with people that are > explicitly using printf %#3o to output a 3-digit octal string with > leading 0 - I don't think we can change this. > > But my suggestion of 00755 _is_ explicit - after taking off the leading > 0 for specifying octal, you are _still_ left with four octal digits > which includes the sticky bit explicitly being set to 0. It is explicit, but it looks weird (to me) and is surprising, since the leading 0 for 'octal' is clearly _not_ needed for chmod and friends. No documentation I know states a need for the leading 0 to denote 'octal' for the octal mode value. The value is always documented as being an octal number. Anyway, this is non-portable and just needs to be documented explicitly and in length. I did not (yet) check the current coreutils docs and FAQ for this, so it possibly already is. Regards, Erik -- Golden rule #12: When the comments do not match the code, they probably are both wrong. -- Steven Rostedt From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Christian Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 01 Apr 2011 09:24:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.130164981310753 (code B ref -1); Fri, 01 Apr 2011 09:24:02 +0000 Received: (at submit) by debbugs.gnu.org; 1 Apr 2011 09:23:33 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aZp-0002nO-1s for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:23:33 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5aZn-0002nC-Cu for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:23:32 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aZg-0005VM-Mp for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:23:26 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:60986) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aZg-0005VG-IN for submit@debbugs.gnu.org; Fri, 01 Apr 2011 05:23:24 -0400 Received: from [140.186.70.92] (port=55439 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5aZf-00085T-4R for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:23:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5aZd-0005UZ-RB for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:23:23 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:39812) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5aZd-0005U8-Ko for bug-coreutils@gnu.org; Fri, 01 Apr 2011 05:23:21 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id EEFE8193D for ; Fri, 1 Apr 2011 11:23:17 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A5xrSWY2GMcc for ; Fri, 1 Apr 2011 09:23:16 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id A39001875 for ; Fri, 1 Apr 2011 11:23:16 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id F2759B35 for ; Fri, 1 Apr 2011 11:23:36 +0200 (CEST) Message-ID: <4D959998.8080200@computersalat.de> Date: Fri, 01 Apr 2011 11:23:36 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <4D94EB08.2030009@computersalat.de> In-Reply-To: <4D94EB08.2030009@computersalat.de> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Hi have to revoke my last comment "00755 is working here. I can live with=20 that :) " This was on the wrong system (SLES 10 SP3), where also a 755 does not=20 preserve the sbit. sorry for that Cheers, Chris Am 31.03.2011 22:58, schrieb Christian: > Hi >> No, 0755 is not explicit - it is ambiguous with people that are >> explicitly using printf %#3o to output a 3-digit octal string with >> leading 0 - I don't think we can change this. >> >> But my suggestion of 00755 _is_ explicit - after taking off the leadin= g > 00755 is working here. I can live with that :) >> 0 for specifying octal, you are _still_ left with four octal digits >> which includes the sticky bit explicitly being set to 0. > Thank you > Cheers > --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 04 Apr 2011 09:05:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Eric Blake Cc: Christian , bug-coreutils@gnu.org Reply-To: ovasik@redhat.com Received: via spool by submit@debbugs.gnu.org id=B.130190788913785 (code B ref -1); Mon, 04 Apr 2011 09:05:02 +0000 Received: (at submit) by debbugs.gnu.org; 4 Apr 2011 09:04:49 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q6fiG-0003aE-HM for submit@debbugs.gnu.org; Mon, 04 Apr 2011 05:04:49 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q6fiC-0003Zy-TN for submit@debbugs.gnu.org; Mon, 04 Apr 2011 05:04:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q6fi6-0006X1-IO for submit@debbugs.gnu.org; Mon, 04 Apr 2011 05:04:35 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:58705) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q6fi6-0006Wj-AT for submit@debbugs.gnu.org; Mon, 04 Apr 2011 05:04:34 -0400 Received: from [140.186.70.92] (port=35368 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q6fi3-0005oC-QZ for bug-coreutils@gnu.org; Mon, 04 Apr 2011 05:04:33 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q6fi1-0006VG-Lg for bug-coreutils@gnu.org; Mon, 04 Apr 2011 05:04:30 -0400 Received: from mx1.redhat.com ([209.132.183.28]:20896) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q6fi1-0006Uf-Cp for bug-coreutils@gnu.org; Mon, 04 Apr 2011 05:04:29 -0400 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p3494LWP019635 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 4 Apr 2011 05:04:21 -0400 Received: from [10.34.24.196] (dhcp-24-196.brq.redhat.com [10.34.24.196]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id p3494JQx016347; Mon, 4 Apr 2011 05:04:20 -0400 From: Ondrej Vasik In-Reply-To: <4D94E0E8.8070201@redhat.com> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Mon, 04 Apr 2011 11:04:18 +0200 Message-ID: <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -7.5 (-------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -7.4 (-------) Hi, On Thu, 2011-03-31 at 14:15 -0600, Eric Blake wrote: > On 03/31/2011 01:58 PM, Christian wrote: > > Hi Paul, > > > > Am 31.03.2011 20:54, schrieb Paul Eggert: > >> On 03/31/2011 11:25 AM, Christian wrote: > >>> and using "0755" is explicit enough, isn't it ? > >> Unfortunately it's not that simple, as having 0755 mean > >> something different from 755 would violate the principle > >> of least surprise. Please see the thread starting at > >> . > > I read it and I came to the conclusion > > 755 should preserve s-bit: OK > > 2755 sould set sbit. OK > > 0755 should remove sbit, cause it is explicit wanted. > > and not doing so is a "lemming behaviour". > > No, 0755 is not explicit - it is ambiguous with people that are > explicitly using printf %#3o to output a 3-digit octal string with > leading 0 - I don't think we can change this. I just want to mention recent RH bugzilla report about the same issue - https://bugzilla.redhat.com/show_bug.cgi?id=691466 ... one of the ideas in this bugzilla is that because of the ambiguity of the 0755 (and similars) it would be very good to actually inform user in the case that the special bit was not cleared (so only in the case that SUID/SGID/sticky bits are set). Maybe only in verbose mode, but I think it will be improvement for the current situation. What do you think? > But my suggestion of 00755 _is_ explicit - after taking off the leading > 0 for specifying octal, you are _still_ left with four octal digits > which includes the sticky bit explicitly being set to 0. I really like the 00XXX suggestion - do you plan to implement that yourself? If you don't have time for writing it but this solution is generally acceptable compromise, I could try to prepare a patch for that. Greetings, Ondrej Vasik From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 12:57:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Eric Blake Cc: chris@computersalat.de, 8391@debbugs.gnu.org X-Debbugs-Original-Cc: Christian , bug-coreutils@gnu.org Reply-To: ovasik@redhat.com Received: via spool by submit@debbugs.gnu.org id=B.133008818622473 (code B ref -1); Fri, 24 Feb 2012 12:57:02 +0000 Received: (at submit) by debbugs.gnu.org; 24 Feb 2012 12:56:26 +0000 Received: from localhost ([127.0.0.1]:53512 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0uhF-0005qP-Ig for submit@debbugs.gnu.org; Fri, 24 Feb 2012 07:56:26 -0500 Received: from eggs.gnu.org ([140.186.70.92]:39705) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0uhB-0005qB-8P for submit@debbugs.gnu.org; Fri, 24 Feb 2012 07:56:24 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1S0ueb-0003XZ-0E for submit@debbugs.gnu.org; Fri, 24 Feb 2012 07:53:42 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.2 Received: from lists.gnu.org ([140.186.70.17]:36963) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0uea-0003XV-Ut for submit@debbugs.gnu.org; Fri, 24 Feb 2012 07:53:40 -0500 Received: from eggs.gnu.org ([140.186.70.92]:50081) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0ueU-0007lm-PW for bug-coreutils@gnu.org; Fri, 24 Feb 2012 07:53:40 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1S0ueO-0003W4-9E for bug-coreutils@gnu.org; Fri, 24 Feb 2012 07:53:34 -0500 Received: from mx1.redhat.com ([209.132.183.28]:13652) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0ueO-0003Vt-1o for bug-coreutils@gnu.org; Fri, 24 Feb 2012 07:53:28 -0500 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OCrKOn013129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 07:53:20 -0500 Received: from [10.34.24.196] (dhcp-24-196.brq.redhat.com [10.34.24.196]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q1OCrIxW027001; Fri, 24 Feb 2012 07:53:18 -0500 From: Ondrej Vasik In-Reply-To: <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> Content-Type: multipart/mixed; boundary="=-NgbeMT0IA9NTv+WdQd2r" Organization: Red Hat, Inc. Date: Fri, 24 Feb 2012 13:53:17 +0100 Message-ID: <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 140.186.70.17 X-Spam-Score: -4.2 (----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -4.2 (----) --=-NgbeMT0IA9NTv+WdQd2r Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On Mon, 2011-04-04 at 11:04 +0200, Ondrej Vasik wrote: > Hi, > On Thu, 2011-03-31 at 14:15 -0600, Eric Blake wrote: > > On 03/31/2011 01:58 PM, Christian wrote: > > > Hi Paul, > > > > > > Am 31.03.2011 20:54, schrieb Paul Eggert: > > >> On 03/31/2011 11:25 AM, Christian wrote: > > >>> and using "0755" is explicit enough, isn't it ? > > >> Unfortunately it's not that simple, as having 0755 mean > > >> something different from 755 would violate the principle > > >> of least surprise. Please see the thread starting at > > >> . > > > I read it and I came to the conclusion > > > 755 should preserve s-bit: OK > > > 2755 sould set sbit. OK > > > 0755 should remove sbit, cause it is explicit wanted. > > > and not doing so is a "lemming behaviour". > > > > No, 0755 is not explicit - it is ambiguous with people that are > > explicitly using printf %#3o to output a 3-digit octal string with > > leading 0 - I don't think we can change this. > > I just want to mention recent RH bugzilla report about the same issue - > https://bugzilla.redhat.com/show_bug.cgi?id=691466 ... one of the ideas > in this bugzilla is that because of the ambiguity of the 0755 (and > similars) it would be very good to actually inform user in the case that > the special bit was not cleared (so only in the case that > SUID/SGID/sticky bits are set). Maybe only in verbose mode, but I think > it will be improvement for the current situation. What do you think? > > > But my suggestion of 00755 _is_ explicit - after taking off the leading > > 0 for specifying octal, you are _still_ left with four octal digits > > which includes the sticky bit explicitly being set to 0. > > > I really like the 00XXX suggestion - do you plan to implement that > yourself? If you don't have time for writing it but this solution is > generally acceptable compromise, I could try to prepare a patch for > that. Sorry for late patch... Double zero five octal digits modes cleaning change, with test (and info documentation clarification) is in attachment. Greetings, Ondrej Vasik --=-NgbeMT0IA9NTv+WdQd2r Content-Disposition: attachment; filename="chmod-octal.patch" Content-Type: text/x-patch; name="chmod-octal.patch"; charset="UTF-8" Content-Transfer-Encoding: 7bit >From 4c31d59205b6558e0b217120649096890f00c679 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= Date: Fri, 24 Feb 2012 13:34:35 +0100 Subject: [PATCH] chmod: Clear special bits for octal modes specified by 5 digits. * src/chmod.c : Use new keepdirbits boolean for clearing special bits for directories for double leading zero octal mode. * NEWS: Mention the change. * doc/coreutils.texi (chmod invocation): Document the change. * tests/chmod/setuid : Check the new behaviour by test. Suggested by Eric Blake. --- NEWS | 3 +++ doc/coreutils.texi | 6 ++++++ src/chmod.c | 16 ++++++++++++---- tests/chmod/setgid | 9 +++++++++ 4 files changed, 30 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index e2e8fc5..e2e61cb 100644 --- a/NEWS +++ b/NEWS @@ -34,6 +34,9 @@ GNU coreutils NEWS -*- outline -*- systems for which getfilecon-, ACL-check- and XATTR-check-induced syscalls fail with ENOTSUP or similar. + chmod now can clear the setuid and setgid bits on directories + for mode specified as 5 octal digits (e.g. 00755). + * Noteworthy changes in release 8.15 (2012-01-06) [stable] diff --git a/doc/coreutils.texi b/doc/coreutils.texi index cc300a8..8e13ba3 100644 --- a/doc/coreutils.texi +++ b/doc/coreutils.texi @@ -10208,6 +10208,12 @@ may cause the set-user-ID and set-group-ID bits of @var{mode} or functionality of the underlying @code{chmod} system call. When in doubt, check the underlying system behavior. +@command{chmod} by default keeps the set-user-ID and set-group-ID bits +of @var{mode} of a directory when the mode is specified as an octal digit, +unless the mode length is 5 digits with leading double zero. +For 4 digit octal mode ignores the leading zero digit, as this is condidered +not explicit enough and incompatible with other implementations. + If used, @var{mode} specifies the new file mode bits. For details, see the section on @ref{File permissions}. If you really want @var{mode} to have a leading @samp{-}, you should diff --git a/src/chmod.c b/src/chmod.c index a134e3f..7bbce51 100644 --- a/src/chmod.c +++ b/src/chmod.c @@ -68,6 +68,9 @@ static mode_t umask_value; /* If true, change the modes of directories recursively. */ static bool recurse; +/* if true, keep the special directory access bits */ +static bool keepdirbits = true; + /* If true, force silence (suppress most of error messages). */ static bool force_silent; @@ -263,8 +266,9 @@ process_file (FTS *fts, FTSENT *ent) if (ok) { old_mode = file_stats->st_mode; - new_mode = mode_adjust (old_mode, S_ISDIR (old_mode) != 0, umask_value, - change, NULL); + new_mode = mode_adjust (old_mode, + (S_ISDIR (old_mode) != 0) && keepdirbits, + umask_value, change, NULL); if (! S_ISLNK (old_mode)) { @@ -299,7 +303,8 @@ process_file (FTS *fts, FTSENT *ent) if (chmod_succeeded && diagnose_surprises) { mode_t naively_expected_mode = - mode_adjust (old_mode, S_ISDIR (old_mode) != 0, 0, change, NULL); + mode_adjust (old_mode, (S_ISDIR (old_mode) != 0) && keepdirbits, + 0, change, NULL); if (new_mode & ~naively_expected_mode) { char new_perms[12]; @@ -513,8 +518,11 @@ main (int argc, char **argv) } else { - if (!mode) + if (!mode) { mode = argv[optind++]; + /* Clean special bits on dirs for 5 digits octal with leading zero */ + keepdirbits = ((strlen(mode) != 5) || ('0' != *mode)); + } } if (optind >= argc) diff --git a/tests/chmod/setgid b/tests/chmod/setgid index eaa9351..95e164c 100755 --- a/tests/chmod/setgid +++ b/tests/chmod/setgid @@ -45,4 +45,13 @@ chmod 755 d case `ls -ld d` in drwxr-sr-x*);; *) fail=1;; esac +# make sure that it doesn't clear the bits for 4 digit octal mode +chmod 0755 d +case `ls -ld d` in drwxr-sr-x*);; *) fail=1;; esac + + +# make sure that it clears the bits for 5 digit octal mode with leading zero +chmod 00755 d +case `ls -ld d` in drwxr-xr-x*);; *) fail=1;; esac + Exit $fail -- 1.7.1 --=-NgbeMT0IA9NTv+WdQd2r-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 16:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13300994559190 (code B ref 8391); Fri, 24 Feb 2012 16:05:01 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 16:04:15 +0000 Received: from localhost ([127.0.0.1]:54318 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0xd0-0002OB-GM for submit@debbugs.gnu.org; Fri, 24 Feb 2012 11:04:14 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:58205) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0xcw-0002Nv-Os for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 11:04:12 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 9D384A60002; Fri, 24 Feb 2012 08:01:30 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ffn3UDK5-cl9; Fri, 24 Feb 2012 08:01:30 -0800 (PST) Received: from [192.168.1.10] (pool-71-189-109-235.lsanca.fios.verizon.net [71.189.109.235]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 0904AA60003; Fri, 24 Feb 2012 08:01:30 -0800 (PST) Message-ID: <4F47B45A.1020607@cs.ucla.edu> Date: Fri, 24 Feb 2012 08:01:30 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 02/24/2012 04:53 AM, Ondrej Vasik wrote: > +@command{chmod} by default keeps the set-user-ID and set-group-ID bits > +of @var{mode} of a directory when the mode is specified as an octal digit, > +unless the mode length is 5 digits with leading double zero. Wait a minute: 00755 works, but 000775 doesn't? Isn't that odd? Also, what about modes like 0000? They have two leading zeros -- shouldn't they clear the setuid bits too? The more I think about it, the more-confusing the double-leading-zero notation see,s. How about using a more-obvious notation instead? Say, a leading "="? For example, "=755" would mean "exactly 755" and would clear the setuid bit. mode_compile could implement this. Regardless, documentation about this notation should be be in the section "Directories and the Set-User-ID and Set-Group-ID Bits"; that's where it belongs. + mode_adjust (old_mode, (S_ISDIR (old_mode) != 0) && keepdirbits, + 0, change, NULL); This change depends on internal details of mode_adjust, and doesn't feel right. The second argument of mode_adjust means that the argument is a directory, and is also used to interpret modes like +X. The code above will work, but it's not clean. It'd be better to make the second argument of mode_adjust an int 'flags' argument, with two flags, one flag saying that it's a directory and one flag saying whether it should ignore requests to clear UID and GID bits. Or better yet, leave the call to mode_adjust alone, and have mode_compile figure this stuff out. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 16:13:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, 8391@debbugs.gnu.org X-Debbugs-Original-Cc: Christian , bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.13300999369914 (code B ref -1); Fri, 24 Feb 2012 16:13:01 +0000 Received: (at submit) by debbugs.gnu.org; 24 Feb 2012 16:12:16 +0000 Received: from localhost ([127.0.0.1]:54334 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0xkj-0002Zo-1c for submit@debbugs.gnu.org; Fri, 24 Feb 2012 11:12:14 -0500 Received: from eggs.gnu.org ([208.118.235.92]:34642) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0xkf-0002Zb-6L for submit@debbugs.gnu.org; Fri, 24 Feb 2012 11:12:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1S0xi4-0002zX-0t for submit@debbugs.gnu.org; Fri, 24 Feb 2012 11:09:29 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.2 Received: from lists.gnu.org ([140.186.70.17]:37288) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0xi3-0002zT-T4 for submit@debbugs.gnu.org; Fri, 24 Feb 2012 11:09:27 -0500 Received: from eggs.gnu.org ([208.118.235.92]:36790) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0xhz-0004LP-Cd for bug-coreutils@gnu.org; Fri, 24 Feb 2012 11:09:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1S0xhu-0002x3-GW for bug-coreutils@gnu.org; Fri, 24 Feb 2012 11:09:23 -0500 Received: from mx1.redhat.com ([209.132.183.28]:65386) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0xhu-0002wv-9H for bug-coreutils@gnu.org; Fri, 24 Feb 2012 11:09:18 -0500 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OG9DrE025553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 11:09:13 -0500 Received: from [10.3.113.113] (ovpn-113-113.phx2.redhat.com [10.3.113.113]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q1OG9Cq9024535; Fri, 24 Feb 2012 11:09:12 -0500 Message-ID: <4F47B627.3080304@redhat.com> Date: Fri, 24 Feb 2012 09:09:11 -0700 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120209 Thunderbird/10.0.1 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> X-Enigmail-Version: 1.3.5 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enigC83A663CCFFE5428DB64C983" X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 140.186.70.17 X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC83A663CCFFE5428DB64C983 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 02/24/2012 05:53 AM, Ondrej Vasik wrote: >> > I really like the 00XXX suggestion - do you plan to implement that >> > yourself? If you don't have time for writing it but this solution is= >> > generally acceptable compromise, I could try to prepare a patch for >> > that. > Sorry for late patch... > Double zero five octal digits modes cleaning change, with test (and inf= o > documentation clarification) is in attachment. >=20 > Greetings, > Ondrej Vasik >=20 >=20 > chmod-octal.patch >=20 >=20 >>>From 4c31d59205b6558e0b217120649096890f00c679 Mon Sep 17 00:00:00 2001 > From: =3D?UTF-8?q?Ond=3DC5=3D99ej=3D20Va=3DC5=3DA1=3DC3=3DADk?=3D > Date: Fri, 24 Feb 2012 13:34:35 +0100 > Subject: [PATCH] chmod: Clear special bits for octal modes specified by= 5 digits. > * src/chmod.c : Use new keepdirbits boolean for clearing speci= al > bits for directories for double leading zero o= ctal > mode. > * NEWS: Mention the change. > * doc/coreutils.texi (chmod invocation): Document the change. > * tests/chmod/setuid : Check the new behaviour by test. > Suggested by Eric Blake. Thanks for reviving this. > +++ b/doc/coreutils.texi > @@ -10208,6 +10208,12 @@ may cause the set-user-ID and set-group-ID bit= s of @var{mode} or > functionality of the underlying @code{chmod} system call. When in > doubt, check the underlying system behavior. > =20 > +@command{chmod} by default keeps the set-user-ID and set-group-ID bits= > +of @var{mode} of a directory when the mode is specified as an octal di= git, > +unless the mode length is 5 digits with leading double zero. 5 or more digits. > +For 4 digit octal mode ignores the leading zero digit, as this is cond= idered s/sondidered/considered/ > +not explicit enough and incompatible with other implementations. I'm not sure I like that wording. How about: @command{chmod} will not clear set-user-ID or set-group-ID bits of @var{mode} of a directory when mode is specified as an octal number, unless the mode had at least 5 digits (which implies a leading double zero). Preserving the special bits with four or fewer octal digits is compatible with other implementations, to prevent opening an accidental security hole on such a directory. > @@ -513,8 +518,11 @@ main (int argc, char **argv) > } > else > { > - if (!mode) > + if (!mode) { > mode =3D argv[optind++]; > + /* Clean special bits on dirs for 5 digits octal with leading = zero */ /* Clear special bits on dirs only if 5 or more octal digits */ > + keepdirbits =3D ((strlen(mode) !=3D 5) || ('0' !=3D *mode)); Spurious parenthesis. I would write this as: keepdirbits =3D 4 < strlen(mode); After all, anyone passing 000755 still deserves to clear the special bits, and anyone calling 11111 will get an error because 010000 is not a valid mode bit, so a length check is sufficient. > +++ b/tests/chmod/setgid > @@ -45,4 +45,13 @@ chmod 755 d > =20 > case `ls -ld d` in drwxr-sr-x*);; *) fail=3D1;; esac > =20 > +# make sure that it doesn't clear the bits for 4 digit octal mode > +chmod 0755 d > +case `ls -ld d` in drwxr-sr-x*);; *) fail=3D1;; esac > + > + > +# make sure that it clears the bits for 5 digit octal mode with leadin= g zero > +chmod 00755 d > +case `ls -ld d` in drwxr-xr-x*);; *) fail=3D1;; esac Also check for 000755. --=20 Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --------------enigC83A663CCFFE5428DB64C983 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPR7YnAAoJEKeha0olJ0NqCKcH/jDH0XymokEGPXHl2NKy9ndU XFVDAJ+tS0gu4rP5hXIhsUrhsgYhVgtqvGsfW76CD9uY45whJgKbd6GGdEIQYo42 XmzwDAruf6njtLkZhTl8EvxOlt3MfSMjmR0kPDj2Z48G+NjB1TsUSUaQMEIr3OQm DB1G04qZk+fYs3g/Nn11+1IWVDAMute5GgAx2P4Grpsp2eI+Ueb3sTQb1bjJnEMZ DccTEBQ9yIRcgD8WSPMoNPqCiGTosLgByZXBzqiwCMDSswppc/TzZ5bHM8zS2JV7 ynMCSSffrbcvvsBmodOV9NB5rDG4DtfBPktPknzeOnqvxBi8Lfdt0jpWWDXUuwU= =RMTI -----END PGP SIGNATURE----- --------------enigC83A663CCFFE5428DB64C983-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 18:31:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert , Eric Blake Cc: chris@computersalat.de, 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133010822227867 (code B ref 8391); Fri, 24 Feb 2012 18:31:02 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 18:30:22 +0000 Received: from localhost ([127.0.0.1]:54468 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0zuP-0007EQ-SH for submit@debbugs.gnu.org; Fri, 24 Feb 2012 13:30:22 -0500 Received: from mx1.redhat.com ([209.132.183.28]:14528) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S0zuL-00072M-Tf for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 13:30:20 -0500 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OIRZ0P016212 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 13:27:35 -0500 Received: from [10.3.236.102] (vpn-236-102.phx2.redhat.com [10.3.236.102]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q1OIRXGd031034; Fri, 24 Feb 2012 13:27:34 -0500 From: Ondrej Vasik In-Reply-To: <4F47B45A.1020607@cs.ucla.edu> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Fri, 24 Feb 2012 19:27:32 +0100 Message-ID: <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Fri, 2012-02-24 at 08:01 -0800, Paul Eggert wrote: > On 02/24/2012 04:53 AM, Ondrej Vasik wrote: > > +@command{chmod} by default keeps the set-user-ID and set-group-ID bits > > +of @var{mode} of a directory when the mode is specified as an octal digit, > > +unless the mode length is 5 digits with leading double zero. > > Wait a minute: 00755 works, but 000775 doesn't? Isn't that odd? > Also, what about modes like 0000? They have two leading zeros -- > shouldn't they clear the setuid bits too? 0000 was discussed before - not explicit enough. 6+ digits ... first, I had the patch done same way as Eric simplified way - so clear bits for every 5+ octal digits mode, but after in-house discussion with few colleagues I changed that to 5 digits only. But it seems that Eric is ok with 5+ digits check (and no check for 0 at begining, as this is checked in mode validation), so will change it that way. > The more I think about it, the more-confusing the double-leading-zero > notation see,s. How about using a more-obvious notation instead? > Say, a leading "="? For example, "=755" would mean "exactly 755" > and would clear the setuid bit. mode_compile could implement this. Leading = probably makes sense, however the request in https://bugzilla.redhat.com/show_bug.cgi?id=691466 was talking about support for octal digits only (and leading = seems to me like a hybrid mode - which would make the required changes in legacy scripts for compatibility with old chmod even harder) - and would definitely mean some changes to gnulib's mode_compile(). > Regardless, documentation about this notation should be be in the > section "Directories and the Set-User-ID and Set-Group-ID Bits"; > that's where it belongs. I missed that section somehow - probably because it was in separate perm.texi file. I'll use the Eric's wording and move it to that section in next version. > + mode_adjust (old_mode, (S_ISDIR (old_mode) != 0) && keepdirbits, > + 0, change, NULL); > > This change depends on internal details of mode_adjust, and doesn't > feel right. The second argument of mode_adjust means that the argument > is a directory, and is also used to interpret modes like +X. > The code above will work, but it's not clean. It'd be better > to make the second argument of mode_adjust an int 'flags' argument, > with two flags, one flag saying that it's a directory and one flag saying > whether it should ignore requests to clear UID and GID bits. You are right, it is really not 100% clean, I used that primarily to avoid need for gnulib modification. Making second param of mode_adjust() int flag would be cleaner approach... but this would mean changing all the calls of mode_adjust to reflect that. Probably adding some optional flags int param to the mode_adjust() would be better in this case ... or using mode_change flag (and special mode) for that. Which approach do you prefer? > Or better yet, leave the call to mode_adjust alone, and have mode_compile > figure this stuff out. But mode_compile() still computes the correct mode from the octal digits, mode_adjust() cleans the setgid/setuid bits from it (based on the dir boolean). Will wait with amending the patch until this will be clarified. Greetings, Ondrej Vasik From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 18:48:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.1330109271977 (code B ref 8391); Fri, 24 Feb 2012 18:48:02 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 18:47:51 +0000 Received: from localhost ([127.0.0.1]:54495 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10BJ-0000Fe-3N for submit@debbugs.gnu.org; Fri, 24 Feb 2012 13:47:51 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:48567) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10BF-0000FQ-NR for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 13:47:47 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 39D5FA60003; Fri, 24 Feb 2012 10:45:05 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eHb9uLZRzxY0; Fri, 24 Feb 2012 10:45:04 -0800 (PST) Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id ADE60A60002; Fri, 24 Feb 2012 10:45:04 -0800 (PST) Message-ID: <4F47DAAF.2040206@cs.ucla.edu> Date: Fri, 24 Feb 2012 10:45:03 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 02/24/2012 10:27 AM, Ondrej Vasik wrote: > Leading = probably makes sense, however the request in > https://bugzilla.redhat.com/show_bug.cgi?id=691466 was talking about > support for octal digits only The original request was that "chmod 0755 dir" should clear the setuid bits. We're not satisfying that exact request; we're merely trying to find a way to satisfy the intent of the request, which as I understand it is the need in shell scripts to use an octal mode to specify all the permissions bits of a directory. > (and leading = seems to me like a hybrid > mode - which would make the required changes in legacy scripts for > compatibility with old chmod even harder) Sorry, I don't follow -- either way, legacy scripts would need to be changed. It's no harder in a script to prepend a leading '=' than to prepend a leading '0'. And the advantage of '=' is that it's clearer to everybody that a GNU extension is being used; also, '=' avoids the tricky business about five-or-more digits, which is confusing. If '=' is confusing because it's used in symbolic modes, we can choose some otherwise-unused character, such as '@'. > and would definitely mean > some changes to gnulib's mode_compile(). No matter what notation we adopt, the change should be in mode_compile, not in chmod.c. Otherwise, "mkdir -m MODE DIR" will behave differently from "chmod MODE DIR", and that'll add confusion. I hope the change can be limited to mode_compile, to mode_adjust, and to the user documentation. chmod.c shouldn't need any changes (nor should mkdir.c). > But mode_compile() still computes the correct mode from the octal > digits, mode_adjust() cleans the setgid/setuid bits from it (based on > the dir boolean). Yes, and the point is that these properties would still be true if we limited the code changes to mode_compile and mode_adjust. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 19:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13301104762723 (code B ref 8391); Fri, 24 Feb 2012 19:08:02 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 19:07:56 +0000 Received: from localhost ([127.0.0.1]:54504 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10Uj-0000hq-7b for submit@debbugs.gnu.org; Fri, 24 Feb 2012 14:07:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:19687) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10Uf-0000hh-IP for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 14:07:51 -0500 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OJ59Lt029886 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 14:05:10 -0500 Received: from [10.3.236.102] (vpn-236-102.phx2.redhat.com [10.3.236.102]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q1OJ57Xa004736; Fri, 24 Feb 2012 14:05:08 -0500 From: Ondrej Vasik In-Reply-To: <4F47DAAF.2040206@cs.ucla.edu> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Fri, 24 Feb 2012 20:05:06 +0100 Message-ID: <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Fri, 2012-02-24 at 10:45 -0800, Paul Eggert wrote: > On 02/24/2012 10:27 AM, Ondrej Vasik wrote: > > > Leading = probably makes sense, however the request in > > https://bugzilla.redhat.com/show_bug.cgi?id=691466 was talking about > > support for octal digits only > > The original request was that "chmod 0755 dir" should clear > the setuid bits. We're not satisfying that exact request; > we're merely trying to find a way to satisfy the intent > of the request, which as I understand it is the need in > shell scripts to use an octal mode to specify all the permissions > bits of a directory. Yes, original request in this bugzilla was about change in behaviour between RHEL-5 and RHEL-6 ... and we are not satisfying that exact request - however, requester was fine with double zero 5+ octal digit approach. > > (and leading = seems to me like a hybrid > > mode - which would make the required changes in legacy scripts for > > compatibility with old chmod even harder) > > Sorry, I don't follow -- either way, legacy scripts would need > to be changed. It's no harder in a script to prepend a leading > '=' than to prepend a leading '0'. And the advantage of '=' is > that it's clearer to everybody that a GNU extension is being used; > also, '=' avoids the tricky business about five-or-more digits, which is > confusing. Yes, but 00755 is still octal digit (and easy to get with printf %5.5o from shorter octal digit mode, and probably easy to use further in scripts without modifications)... adding any other character would mean incompatibility with previous/other versions of chmod. > If '=' is confusing because it's used in symbolic > modes, we can choose some otherwise-unused character, > such as '@'. > > > and would definitely mean > > some changes to gnulib's mode_compile(). > > No matter what notation we adopt, the change should be in mode_compile, > not in chmod.c. Otherwise, "mkdir -m MODE DIR" will behave differently > from "chmod MODE DIR", and that'll add confusion. > > I hope the change can be limited to mode_compile, > to mode_adjust, and to the user documentation. chmod.c shouldn't > need any changes (nor should mkdir.c). (and probably tests in coreutils testsuite) Thanks for your comments, so it seems that the correct approach will be to add new flag to special operations flag enum in mode_change - and to do the changes in gnulib. > > > But mode_compile() still computes the correct mode from the octal > > digits, mode_adjust() cleans the setgid/setuid bits from it (based on > > the dir boolean). > > Yes, and the point is that these properties would still be true if > we limited the code changes to mode_compile and mode_adjust. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 19:26:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13301115394241 (code B ref 8391); Fri, 24 Feb 2012 19:26:01 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 19:25:39 +0000 Received: from localhost ([127.0.0.1]:54513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10lu-00016M-Vw for submit@debbugs.gnu.org; Fri, 24 Feb 2012 14:25:39 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:56389) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10lr-000164-Q6 for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 14:25:37 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id E4E18A60003; Fri, 24 Feb 2012 11:22:54 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Twh0fUmjL7Kn; Fri, 24 Feb 2012 11:22:54 -0800 (PST) Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 92B85A60002; Fri, 24 Feb 2012 11:22:54 -0800 (PST) Message-ID: <4F47E38E.9080604@cs.ucla.edu> Date: Fri, 24 Feb 2012 11:22:54 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 02/24/2012 11:05 AM, Ondrej Vasik wrote: > requester was fine with double zero 5+ octal digit > approach. I expect the requester would also be fine with a leading-'@' approach. All the requester wanted was *some* solution. > 00755 is still octal digit (and easy to get with printf %5.5o > from shorter octal digit mode, and probably easy to use further in > scripts without modifications) Sorry, I don't follow. If I have a decimal mode 'mode' in a script, then this: chmod @$(printf %o $mode) DIR is easier and simpler than this: chmod $(printf %5.5o $mode) DIR The "5.5o" is tricky: Why *two* "5"s? and who can remember which "5" is really needed, and why, right off the bat? and remember why "5", and not "4" or "6"? The "@" is simple. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 19:37:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13301121745201 (code B ref 8391); Fri, 24 Feb 2012 19:37:03 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 19:36:14 +0000 Received: from localhost ([127.0.0.1]:54522 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10w8-0001Lo-FD for submit@debbugs.gnu.org; Fri, 24 Feb 2012 14:36:14 -0500 Received: from mx1.redhat.com ([209.132.183.28]:33895) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S10w5-0001Le-7m for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 14:36:11 -0500 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OJXTd5028981 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 14:33:30 -0500 Received: from [10.3.236.102] (vpn-236-102.phx2.redhat.com [10.3.236.102]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q1OJXRsl020229; Fri, 24 Feb 2012 14:33:28 -0500 From: Ondrej Vasik In-Reply-To: <4F47E38E.9080604@cs.ucla.edu> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> <4F47E38E.9080604@cs.ucla.edu> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Fri, 24 Feb 2012 20:33:26 +0100 Message-ID: <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Fri, 2012-02-24 at 11:22 -0800, Paul Eggert wrote: > On 02/24/2012 11:05 AM, Ondrej Vasik wrote: > > requester was fine with double zero 5+ octal digit > > approach. > > I expect the requester would also be fine with a leading-'@' > approach. All the requester wanted was *some* solution. > > > > 00755 is still octal digit (and easy to get with printf %5.5o > > from shorter octal digit mode, and probably easy to use further in > > scripts without modifications) > > Sorry, I don't follow. If I have a decimal mode 'mode' in a script, > then this: > > chmod @$(printf %o $mode) DIR > > is easier and simpler than this: > > chmod $(printf %5.5o $mode) DIR > > The "5.5o" is tricky: Why *two* "5"s? > and who can remember which "5" is really needed, and why, > right off the bat? and remember why "5", and not "4" or "6"? > > The "@" is simple. Yes, but `chmod @755 DIR' approach will not let you to write a script which will work without modification on RHEL-4,RHEL-5 and RHEL-6 machine... which is not the case with fully octal mode. That's what I'm trying to say with "you still have octal digit". This %5.5o was more about "easy" change to their script which will allow them to use one script on everything again... This kind of approach (one script for more systems) is very common in enterprise area - and without possibility of doing that, requester will not be fine with the solution. Greetings, Ondrej From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 19:51:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Eric Blake , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13301130216653 (code B ref 8391); Fri, 24 Feb 2012 19:51:01 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 19:50:21 +0000 Received: from localhost ([127.0.0.1]:54555 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S119m-0001jE-SM for submit@debbugs.gnu.org; Fri, 24 Feb 2012 14:50:20 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:48809) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S119j-0001iq-JF for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 14:50:16 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id B321AA60002; Fri, 24 Feb 2012 11:47:34 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gUGaOOgIzULX; Fri, 24 Feb 2012 11:47:34 -0800 (PST) Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 4006239E800C; Fri, 24 Feb 2012 11:47:34 -0800 (PST) Message-ID: <4F47E955.2030708@cs.ucla.edu> Date: Fri, 24 Feb 2012 11:47:33 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> <4F47E38E.9080604@cs.ucla.edu> <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 02/24/2012 11:33 AM, Ondrej Vasik wrote: > Yes, but `chmod @755 DIR' approach will not let you to write a script > which will work without modification on RHEL-4,RHEL-5 and RHEL-6 > machine... None of these approaches will let you write a script that will work without modification on any POSIX platform. If one wants to be portable, one must use the symbolic notation, not the octal. None of these approaches will even let you write a script that will work without modification on any RHEL platform. This is because some RHEL platforms use the newer coreutils. Still, I take your point that the 5-or-more-digit approach will let you write scripts that will run on all POSIX platforms without a diagnostic (though perhaps not with the desired effect). And these scripts will run and have the desired effect if you know that your scripts will run only on a particular subset of POSIX platforms, one where the effect is the one desired. How about this idea for a compromise? Implement both notations, but recommend leading '@' for future scripts. It's more likely that a notation like leading-'@' would be adopted by future POSIX versions, since it's a pure extension, whereas the 5-or-more-digit approach is incompatible with some POSIX systems now. And if leading-'@' is adopted by POSIX, there would eventually be a portable way to do what the requester wants. Personally I'd be more inclined to go with a pure '@' solution, since it's simpler and the portability gains of the compromise are not all that great; but I guess the compromise would be OK too. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Eric Blake Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 19:52:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Paul Eggert , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13301130956810 (code B ref 8391); Fri, 24 Feb 2012 19:52:02 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 19:51:35 +0000 Received: from localhost ([127.0.0.1]:54563 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S11B1-0001ln-9f for submit@debbugs.gnu.org; Fri, 24 Feb 2012 14:51:35 -0500 Received: from mx1.redhat.com ([209.132.183.28]:27139) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S11Av-0001lZ-UF for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 14:51:33 -0500 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OJmpEq014794 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Feb 2012 14:48:51 -0500 Received: from [10.3.113.113] (ovpn-113-113.phx2.redhat.com [10.3.113.113]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q1OJmo7Z022078; Fri, 24 Feb 2012 14:48:50 -0500 Message-ID: <4F47E9A1.10007@redhat.com> Date: Fri, 24 Feb 2012 12:48:49 -0700 From: Eric Blake Organization: Red Hat User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120209 Thunderbird/10.0.1 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> <4F47E38E.9080604@cs.ucla.edu> <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> In-Reply-To: <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> X-Enigmail-Version: 1.3.5 OpenPGP: url=http://people.redhat.com/eblake/eblake.gpg Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig856A80442CA3DE4FFE226913" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig856A80442CA3DE4FFE226913 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 02/24/2012 12:33 PM, Ondrej Vasik wrote: >> Sorry, I don't follow. If I have a decimal mode 'mode' in a script, >> then this: >> >> chmod @$(printf %o $mode) DIR >> >> is easier and simpler than this: >> >> chmod $(printf %5.5o $mode) DIR >> >> The "5.5o" is tricky: Why *two* "5"s? By that argument, this is also equally simple: chmod 0000$(printf %o $mode) DIR >> and who can remember which "5" is really needed, and why, >> right off the bat? and remember why "5", and not "4" or "6"? >> >> The "@" is simple. s/@/0000/, and you have your distro-agnostic prefix. >=20 > Yes, but `chmod @755 DIR' approach will not let you to write a script > which will work without modification on RHEL-4,RHEL-5 and RHEL-6 > machine... which is not the case with fully octal mode. That's what I'm= > trying to say with "you still have octal digit". This %5.5o was more > about "easy" change to their script which will allow them to use one > script on everything again... > This kind of approach (one script for more systems) is very common in > enterprise area - and without possibility of doing that, requester will= > not be fine with the solution. And it's arguments like that why I still think multiple leading zeros is better than any other prefix. --=20 Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --------------enig856A80442CA3DE4FFE226913 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPR+miAAoJEKeha0olJ0Nq0O4H/RtCJ2G2yxUzCOkr37np4yo9 N4ThVC9QHvj54GIcZjSoY2L8gUyPV6sgy5hWIX3pyenR01NUthzQRrJa6rteDjVs SmccCvgzpcDlcF2b6BseTDGiCXqmzs3RRTFKK1nyfxkl1maSL9joBK/cmu3JVBP4 tyMvDXAgGHgXs7yjJEDXdrtHAfF+819O/Q2jBpSLf8VK58cpjN5t4KiFxij7oqqk VcaFQodOSzhqQG+V+X5wKh7Tr8yda2BNaYei4TGzIbiHS/fE6BJFjE97RlMmfui7 h33MlqLribCi67yLPlf9YNboG7Vh1s40v0Fso7lrlL10zDJYmNt7C480njdPIgI= =r3A7 -----END PGP SIGNATURE----- --------------enig856A80442CA3DE4FFE226913-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Fri, 24 Feb 2012 21:07:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Eric Blake Cc: chris@computersalat.de, ovasik@redhat.com, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133011757313295 (code B ref 8391); Fri, 24 Feb 2012 21:07:01 +0000 Received: (at 8391) by debbugs.gnu.org; 24 Feb 2012 21:06:13 +0000 Received: from localhost ([127.0.0.1]:54600 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S12LB-0003SK-AU for submit@debbugs.gnu.org; Fri, 24 Feb 2012 16:06:11 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:35199) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S12L7-0003Ro-64 for 8391@debbugs.gnu.org; Fri, 24 Feb 2012 16:06:07 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id BEFDE39E800C; Fri, 24 Feb 2012 13:03:23 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3UPFZs5T2nCZ; Fri, 24 Feb 2012 13:03:23 -0800 (PST) Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 40CF939E800B; Fri, 24 Feb 2012 13:03:23 -0800 (PST) Message-ID: <4F47FB1A.7030204@cs.ucla.edu> Date: Fri, 24 Feb 2012 13:03:22 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> <4F47E38E.9080604@cs.ucla.edu> <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> <4F47E9A1.10007@redhat.com> In-Reply-To: <4F47E9A1.10007@redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 02/24/2012 11:48 AM, Eric Blake wrote: > chmod 0000$(printf %o $mode) DIR If this is the suggested use, shouldn't the leading-zero approach require at least *4* leading zeros before the actual octal value? That would remove one of my objections to it, namely, the confusion between "chmod 00755 DIR" (which would clear the setuid bits, if the requirement is 5 or more total digits) and "chmod 0000 DIR" (which would not). > s/@/0000/, and you have your distro-agnostic prefix. Sorry, I don't follow. "chmod 0000755 DIR" will not clear the setuid bits on Solaris, or on some RHEL versions. So no matter what we do, the behavior will not be distro-agnostic. If we want distro-agnostic behavior that solves the problem, we need to start by introducing behavior that will work on our platform but not other platforms, and then hope to convince other platform developers to become compatible. I doubt whether "chmod 0000755 DIR"'s behavior would be standardized by POSIX, because it would invalidate existing implementations. In contrast, "chmod @755 DIR"'s behavior might become part of the standard, if we ask, because it doesn't invalidate existing implementations. So this seems a better way to move forward, if we want the behavior to become portable eventually. From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 14:02:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: chris@computersalat.de, bug-gnulib@gnu.org, Eric Blake , 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13309561137382 (code B ref 8391); Mon, 05 Mar 2012 14:02:02 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 14:01:53 +0000 Received: from localhost ([127.0.0.1]:33872 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4YU4-0001uq-8O for submit@debbugs.gnu.org; Mon, 05 Mar 2012 09:01:53 -0500 Received: from mx1.redhat.com ([209.132.183.28]:5385) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4YTp-0001uR-D1 for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 09:01:40 -0500 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q25E0cba021860 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 5 Mar 2012 09:00:44 -0500 Received: from [10.34.24.196] (dhcp-24-196.brq.redhat.com [10.34.24.196]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q25E0Z4Z005641; Mon, 5 Mar 2012 09:00:36 -0500 From: Ondrej Vasik In-Reply-To: <4F47E955.2030708@cs.ucla.edu> References: <4D9442D4.6040409@computersalat.de> <4D94B9EF.1010607@redhat.com> <4D94C718.5080000@computersalat.de> <4D94CDE2.4090003@cs.ucla.edu> <4D94DCFA.8000306@computersalat.de> <4D94E0E8.8070201@redhat.com> <1301907858.3062.15.camel@dhcp-24-196.brq.redhat.com> <1330087997.8460.32.camel@dhcp-24-196.brq.redhat.com> <4F47B45A.1020607@cs.ucla.edu> <1330108052.32306.49.camel@dhcp-24-196.brq.redhat.com> <4F47DAAF.2040206@cs.ucla.edu> <1330110306.32306.65.camel@dhcp-24-196.brq.redhat.com> <4F47E38E.9080604@cs.ucla.edu> <1330112006.32306.82.camel@dhcp-24-196.brq.redhat.com> <4F47E955.2030708@cs.ucla.edu> Content-Type: multipart/mixed; boundary="=-R0HOjkO2w2g3s7tzCNpI" Organization: Red Hat, Inc. Date: Mon, 05 Mar 2012 15:00:34 +0100 Message-ID: <1330956034.21887.15.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) --=-R0HOjkO2w2g3s7tzCNpI Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On Fri, 2012-02-24 at 11:47 -0800, Paul Eggert wrote: > On 02/24/2012 11:33 AM, Ondrej Vasik wrote: > > Yes, but `chmod @755 DIR' approach will not let you to write a script > > which will work without modification on RHEL-4,RHEL-5 and RHEL-6 > > machine... > > None of these approaches will let you write a script that will work > without modification on any POSIX platform. If one wants to be portable, > one must use the symbolic notation, not the octal. > > None of these approaches will even let you write a script that will work > without modification on any RHEL platform. This is because some RHEL > platforms use the newer coreutils. > > Still, I take your point that the 5-or-more-digit approach will let you write > scripts that will run on all POSIX platforms without a diagnostic > (though perhaps not with the desired effect). And these scripts will > run and have the desired effect if you know that your scripts will run > only on a particular subset of POSIX platforms, one where the effect is > the one desired. > > How about this idea for a compromise? Implement both notations, but > recommend leading '@' for future scripts. It's more likely that a notation > like leading-'@' would be adopted by future POSIX versions, since it's a > pure extension, whereas the 5-or-more-digit approach is incompatible with > some POSIX systems now. And if leading-'@' is adopted by POSIX, there would > eventually be a portable way to do what the requester wants. > > Personally I'd be more inclined to go with a pure '@' solution, since > it's simpler and the portability gains of the compromise are not all > that great; but I guess the compromise would be OK too. Hi, both notations implemented via changing gnulib modechange. I didn't add the recommendation for leading '@' yet, as this part will probably need some rewording to better match the standards of coreutils texinfo perm.texi documentation anyway and I don't know how this should be properly written. Both patches (one for gnulib, one for coreutils documentation and testsuite) attached. Greetings, Ondrej Vasik --=-R0HOjkO2w2g3s7tzCNpI Content-Disposition: attachment; filename="coreutils-exactmodeoctal.patch" Content-Type: text/x-patch; name="coreutils-exactmodeoctal.patch"; charset="UTF-8" Content-Transfer-Encoding: 7bit >From 4647a343f5e6c903495fa01a50743af5015552a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= Date: Mon, 5 Mar 2012 14:43:39 +0100 Subject: [PATCH] chmod: Clear special bits for octal modes with 5+ digits or preceeded by @. * NEWS: Mention the changes. * doc/perm.texi (Directory Setuid and Setgid) : Document changes. * tests/chmod/setuid : Check the new behaviour by test. Suggested by Eric Blake. --- NEWS | 4 ++++ doc/perm.texi | 26 +++++++++++++++++++++++--- tests/chmod/setgid | 24 ++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 8006669..c0657e2 100644 --- a/NEWS +++ b/NEWS @@ -16,6 +16,10 @@ GNU coreutils NEWS -*- outline -*- split now accepts the --additional-suffix option, to append an additional static suffix to output file names. + chmod, mkdir, install now accept new style of octal mode specification. + When octal mode is preceeded by @ or is 5+ digits long with leading zeros, + it can clear the set user id and set group id bits on directories. + ** Bug fixes mv now lets you move a symlink onto a same-inode destination file that diff --git a/doc/perm.texi b/doc/perm.texi index 84f8500..d1469a9 100644 --- a/doc/perm.texi +++ b/doc/perm.texi @@ -495,7 +495,10 @@ alternative to giving a symbolic mode, you can give an octal (base 8) number that represents the mode. This number is always interpreted in octal; you do not have to add a leading @samp{0}, as you do in C. Mode @samp{0055} is the same as -mode @samp{55}. +mode @samp{55}. However, adding leading zeros to create octal number with +at least 5 digits means that this mode is taken explicitly - so could +clear even the set-user-ID and set-group-ID bits of directories. The +same could be enforced by preceeding the numeric mode by "@@" character. A numeric mode is usually shorter than the corresponding symbolic mode, but it is limited in that normally it cannot take into account the @@ -559,8 +562,11 @@ bits of directories. If commands like @command{chmod} and mechanisms would be less convenient and it would be harder to share files. Therefore, a command like @command{chmod} does not affect the set-user-ID or set-group-ID bits of a directory unless the user -specifically mentions them in a symbolic mode, or sets them in -a numeric mode. For example, on systems that support +specifically mentions them in a symbolic mode, explicitly enforces the +mode by using "@@" character before numeric mode or by at least 5 digits +long octal mode,or when sets them in a numeric mode. + +For example, on systems that support set-group-ID inheritance: @example @@ -598,6 +604,20 @@ explicitly in a symbolic mode, e.g.: chmod a-s D @end example +If you want force the chmod to change directory mode to exact numeric mode +(clear the special bits), you could use at least 5 digit octal mode +or preceed the mode with "@@" character, e.g.: + +@example +# These commands try to clear the set-user-ID +# and set-group-ID bits of directories D and E and set +# their permissions to 0755. +mkdir D E +chmod 6755 D E +chmod 00755 D +chmod @@755 E +@end example + This behavior is a @acronym{GNU} extension. Portable scripts should not rely on requests to set or clear these bits on directories, as @acronym{POSIX} allows implementations to ignore these requests. diff --git a/tests/chmod/setgid b/tests/chmod/setgid index eaa9351..6db6794 100755 --- a/tests/chmod/setgid +++ b/tests/chmod/setgid @@ -45,4 +45,28 @@ chmod 755 d case `ls -ld d` in drwxr-sr-x*);; *) fail=1;; esac +# make sure that it doesn't clear the special bits for 4 digit octal mode +chmod 0755 d +case `ls -ld d` in drwxr-sr-x*);; *) fail=1;; esac + +# make sure that it doesn't clear the special bits for 4 digit octal mode +# with two leading zeros +chmod 0055 d +case `ls -ld d` in d---r-sr-x*);; *) fail=1;; esac + +# make sure that it clears the special bits for 5 digit octal mode with +# leading zero +chmod 00755 d +case `ls -ld d` in drwxr-xr-x*);; *) fail=1;; esac + +# make sure that it clears the special bits even for more leading zeros +# octal digits +chmod 00000755 d +case `ls -ld d` in drwxr-xr-x*);; *) fail=1;; esac + +# make sure that it clears the special bits even for exact mode(@) +chmod @755 d +case `ls -ld d` in drwxr-xr-x*);; *) fail=1;; esac + + Exit $fail -- 1.7.1 --=-R0HOjkO2w2g3s7tzCNpI Content-Disposition: attachment; filename="gnulib-exactmodechange.patch" Content-Type: text/x-patch; name="gnulib-exactmodechange.patch"; charset="UTF-8" Content-Transfer-Encoding: 7bit >From f845b1742ce2f06dd8b6a6fe94e3881f7cd0ff4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= Date: Mon, 5 Mar 2012 10:34:13 +0100 Subject: [PATCH] modechange: Allow cleaning of special bits on dirs when requested As discussed in coreutils bug #8391 and rhbz #691466, some users miss the functionality of cleaning set user id and set group id dir bits by exact octal mode. This functionality was removed by 4e3c4c0478e6e1e81f093b80d8272840a39ca2bd gnulib commit and this patch allows it for 5+ digits octal modes or octal modes preceeded by "@" character. * lib/modechange.c: Allow cleaning of special bits on dirs. (enum): Add new mode flag - MODE_EXACT_CHANGE. (mode_compile): Use MODE_EXACT_CHANGE for 5+ digits octals and octal mode preceeded by @. (mode_adjust): Don't mask the special bit change for MODE_EXACT_CHANGE. --- ChangeLog | 8 ++++++++ lib/modechange.c | 21 ++++++++++++++++++--- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4ec700f..54b9ffb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2012-03-04 Ondrej Vasik + modechange: Allow cleaning of special bits on dirs when requested + * lib/modechange.c: Allow cleaning of special bits on dirs. + (enum): Add new mode flag - MODE_EXACT_CHANGE. + (mode_compile): Use MODE_EXACT_CHANGE for 5+ digits octals and octal + mode preceeded by @. + (mode_adjust): Don't mask the special bit change for MODE_EXACT_CHANGE. + 2012-03-04 Bruno Haible sqrt* tests: More tests. diff --git a/lib/modechange.c b/lib/modechange.c index 4ae90ca..a4741ac 100644 --- a/lib/modechange.c +++ b/lib/modechange.c @@ -32,6 +32,7 @@ #include "stat-macros.h" #include "xalloc.h" #include +#include /* The traditional octal values corresponding to each mode bit. */ #define SUID 04000 @@ -91,7 +92,11 @@ enum /* Instead of the typical case, copy some existing permissions for u, g, or o onto the other two. Which of u, g, or o is copied is determined by which bits are set in the 'value' field. */ - MODE_COPY_EXISTING + MODE_COPY_EXISTING, + + /* Instead of the typical case, we want to enforce the exact + requested mode */ + MODE_EXACT_CHANGE }; /* Description of a mode change. */ @@ -136,6 +141,10 @@ mode_compile (char const *mode_string) /* The array of mode-change directives to be returned. */ struct mode_change *mc; size_t used = 0; + bool exact_change = (strlen(mode_string) > 4 || '@' == *mode_string); + + if ('@' == *mode_string) + mode_string++; if ('0' <= *mode_string && *mode_string < '8') { @@ -156,7 +165,11 @@ mode_compile (char const *mode_string) mode = octal_to_mode (octal_mode); mentioned = (mode & (S_ISUID | S_ISGID)) | S_ISVTX | S_IRWXUGO; - return make_node_op_equals (mode, mentioned); + + mc = make_node_op_equals (mode, mentioned); + if (exact_change) + mc->flag = MODE_EXACT_CHANGE; + return mc; } /* Allocate enough space to hold the result. */ @@ -320,11 +333,13 @@ mode_adjust (mode_t oldmode, bool dir, mode_t umask_value, { mode_t affected = changes->affected; mode_t omit_change = - (dir ? S_ISUID | S_ISGID : 0) & ~ changes->mentioned; + ((dir && changes->flag != MODE_EXACT_CHANGE) ? + S_ISUID | S_ISGID : 0) & ~ changes->mentioned; mode_t value = changes->value; switch (changes->flag) { + case MODE_EXACT_CHANGE: case MODE_ORDINARY_CHANGE: break; -- 1.7.1 --=-R0HOjkO2w2g3s7tzCNpI-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Bruno Haible Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 16:44:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: bug-gnulib@gnu.org, ovasik@redhat.com Cc: chris@computersalat.de, Paul Eggert , Eric Blake , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133096580321933 (code B ref 8391); Mon, 05 Mar 2012 16:44:01 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 16:43:23 +0000 Received: from localhost ([127.0.0.1]:34362 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4b0H-0005hR-Sg for submit@debbugs.gnu.org; Mon, 05 Mar 2012 11:43:23 -0500 Received: from mo-p00-ob.rzone.de ([81.169.146.162]:12042) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4azq-0005gW-Qg for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 11:43:06 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; t=1330965721; l=737; s=domk; d=haible.de; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Date:Subject:Cc:To:From:X-RZG-CLASS-ID:X-RZG-AUTH; bh=Qoe9JNqXFvZdnatLd9ILtRRe6qA=; b=CT4VLtece6zBDTCojDW2d5bfj24CyTrfE1Wg31sLo3CkNwyYcsYuA7Y0Bz2kE1Dpmm6 07hQPWcaHN0rFCyl3drF/C9IgKbYxAjqSa99psnOOuRxi/KUXNlA2aAl4R87w7IThcqPB Y5PXXjlfdyo1JMIH7kO21ioYbOIJi3S9l4o= X-RZG-AUTH: :Ln4Re0+Ic/6oZXR1YgKryK8brksyK8dozXDwHXjf9hj/zDNRbvY44zMkpA== X-RZG-CLASS-ID: mo00 Received: from linuix.haible.de (dslb-088-068-070-142.pools.arcor-ip.net [88.68.70.142]) by smtp.strato.de (klopstock mo12) (RZmta 27.7 DYNA|AUTH) with ESMTPA id N0752eo25Ex9so ; Mon, 5 Mar 2012 17:41:47 +0100 (MET) From: Bruno Haible Date: Mon, 05 Mar 2012 17:42:08 +0100 Message-ID: <2411505.tSNBBOCSkd@linuix> User-Agent: KMail/4.7.4 (Linux/3.1.0-1.2-desktop; KDE/4.7.4; x86_64; ; ) In-Reply-To: <1330956034.21887.15.camel@dhcp-24-196.brq.redhat.com> References: <4D9442D4.6040409@computersalat.de> <4F47E955.2030708@cs.ucla.edu> <1330956034.21887.15.camel@dhcp-24-196.brq.redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Ondrej Vasik cited Paul Eggert: > > recommend leading '@' for future scripts. This use of '@' in a mode string conflicts with the use of '@' on MacOS X 10.5 and newer to designate "extended attributes" (like quarantine information on MacOS X 10.7). $ /bin/ls -l /etc/ntp.conf -rw-r--r--@ 1 root wheel 27 Apr 5 2008 /etc/ntp.conf $ /bin/ls -l@ /etc/ntp.conf -rw-r--r--@ 1 root wheel 27 Apr 5 2008 /etc/ntp.conf com.apple.TextEncoding 15 You can see that both in the mode string (-rw-r--r--@) as well as among the '/bin/ls' command-line option, the '@' has the meaning "extended attributes". Having GNU coreutils interpret "@rw-r--r--" in a completely different way would be counterintuive and confusing. Bruno From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 16:53:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Bruno Haible Cc: chris@computersalat.de, Eric Blake , bug-gnulib@gnu.org, ovasik@redhat.com, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133096634922720 (code B ref 8391); Mon, 05 Mar 2012 16:53:01 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 16:52:29 +0000 Received: from localhost ([127.0.0.1]:34366 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4b99-0005uD-UE for submit@debbugs.gnu.org; Mon, 05 Mar 2012 11:52:29 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:55870) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4b8x-0005tY-84 for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 11:52:16 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 7935939E800B; Mon, 5 Mar 2012 08:51:25 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h6N5mKuKFPux; Mon, 5 Mar 2012 08:51:25 -0800 (PST) Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 22DBC39E800A; Mon, 5 Mar 2012 08:51:25 -0800 (PST) Message-ID: <4F54EF08.2070802@cs.ucla.edu> Date: Mon, 05 Mar 2012 08:51:20 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120209 Thunderbird/10.0.1 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <4F47E955.2030708@cs.ucla.edu> <1330956034.21887.15.camel@dhcp-24-196.brq.redhat.com> <2411505.tSNBBOCSkd@linuix> In-Reply-To: <2411505.tSNBBOCSkd@linuix> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 03/05/2012 08:42 AM, Bruno Haible wrote: > This use of '@' in a mode string conflicts with the use of '@' on > MacOS X 10.5 and newer to designate "extended attributes" (like > quarantine information on MacOS X 10.7). I don't see why. That's an *output* format, whereas we're talking about an *input* format. In many systems, for example, "+" is used to designated extended attributes in "ls" mode output, but this use of "+" does not conflict with input usages like "chmod +x foo". From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Bruno Haible Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 20:22:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: chris@computersalat.de, Eric Blake , bug-gnulib@gnu.org, ovasik@redhat.com, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133097888012061 (code B ref 8391); Mon, 05 Mar 2012 20:22:01 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 20:21:20 +0000 Received: from localhost ([127.0.0.1]:34638 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4ePC-00038B-2F for submit@debbugs.gnu.org; Mon, 05 Mar 2012 15:21:19 -0500 Received: from mo-p00-ob.rzone.de ([81.169.146.162]:19297) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4eOt-00037S-TJ for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 15:21:02 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; t=1330978806; l=567; s=domk; d=haible.de; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Date:Subject:Cc:To:From:X-RZG-CLASS-ID:X-RZG-AUTH; bh=g2PYCQI3WAXj/877cj8/kAh5lbk=; b=Ash+eN8MfBLKg4y3DTlUStK3vmoIKzmYhGg8aASIVSVjoiWsb4C5wQd61WiYL7U/28S x82cmCUA7PHak2Bouno6hvNIGdJVBbc07EnDnB87EP/yNVGHqdbYzSDeMIbCRZAVxqBJu bdXZzsvonSD2CtPf++RmSREW2kwILDU+458= X-RZG-AUTH: :Ln4Re0+Ic/6oZXR1YgKryK8brksyK8dozXDwHXjf9hj/zDNRbvY44zMkpA== X-RZG-CLASS-ID: mo00 Received: from linuix.haible.de (dslb-088-068-070-142.pools.arcor-ip.net [88.68.70.142]) by smtp.strato.de (jimi mo17) (RZmta 27.7 DYNA|AUTH) with ESMTPA id w00dd0o25JixBW ; Mon, 5 Mar 2012 21:19:59 +0100 (MET) From: Bruno Haible Date: Mon, 05 Mar 2012 21:20:20 +0100 Message-ID: <1469582.iCF4gxA84d@linuix> User-Agent: KMail/4.7.4 (Linux/3.1.0-1.2-desktop; KDE/4.7.4; x86_64; ; ) In-Reply-To: <4F54EF08.2070802@cs.ucla.edu> References: <4D9442D4.6040409@computersalat.de> <2411505.tSNBBOCSkd@linuix> <4F54EF08.2070802@cs.ucla.edu> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Paul Eggert wrote: > this use of "+" does not conflict with input usages like > "chmod +x foo". It's because this use of '+' is easy to remember. "chmod +x" means "add execution permissions". "chmod -x" means "remove execution permissions". You want a symbol for "assign exact permissions". IMO the equals sign is a more well-known symbol for assignment than '@'. So, how about a notation chmod =755 or chmod =rw-r--r-- ? Then there will not only be no conflict with MacOS X. It will also be reasonably easy to remember for the users. Bruno From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Bob Proulx Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 20:40:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Bruno Haible Cc: chris@computersalat.de, bug-gnulib@gnu.org, ovasik@redhat.com, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133097999616940 (code B ref 8391); Mon, 05 Mar 2012 20:40:02 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 20:39:56 +0000 Received: from localhost ([127.0.0.1]:34680 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4ehI-0004Oz-CD for submit@debbugs.gnu.org; Mon, 05 Mar 2012 15:39:56 -0500 Received: from joseki.proulx.com ([216.17.153.58]:36380) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4eh6-0004OX-Vm for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 15:39:46 -0500 Received: from hysteria.proulx.com (hysteria.proulx.com [192.168.230.119]) by joseki.proulx.com (Postfix) with ESMTP id 9CC79211DB; Mon, 5 Mar 2012 13:38:54 -0700 (MST) Received: by hysteria.proulx.com (Postfix, from userid 1000) id 5A4F12DC14; Mon, 5 Mar 2012 13:38:54 -0700 (MST) Date: Mon, 5 Mar 2012 13:38:54 -0700 From: Bob Proulx Message-ID: <20120305203854.GA13788@hysteria.proulx.com> Mail-Followup-To: Bruno Haible , chris@computersalat.de, bug-gnulib@gnu.org, ovasik@redhat.com, 8391@debbugs.gnu.org References: <4D9442D4.6040409@computersalat.de> <2411505.tSNBBOCSkd@linuix> <4F54EF08.2070802@cs.ucla.edu> <1469582.iCF4gxA84d@linuix> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1469582.iCF4gxA84d@linuix> User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Bruno Haible wrote: > It's because this use of '+' is easy to remember. > "chmod +x" means "add execution permissions". > "chmod -x" means "remove execution permissions". To be pedantic that isn't quite true. To be pedantic it actually is gated by the process umask in effect at that time. You need the 'a' or other target in order to avoid the umask layer. "chmod +x" means "add execution permissions qualified by umask". "chmod -x" means "remove execution permissions qualified by umask". "chmod a+x" means "add execution permissions". "chmod a-x" means "remove execution permissions". Bob From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 21:37:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Bruno Haible Cc: chris@computersalat.de, Eric Blake , Paul Eggert , bug-gnulib@gnu.org, 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133098340825211 (code B ref 8391); Mon, 05 Mar 2012 21:37:01 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 21:36:48 +0000 Received: from localhost ([127.0.0.1]:34782 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4faJ-0006YO-V3 for submit@debbugs.gnu.org; Mon, 05 Mar 2012 16:36:48 -0500 Received: from mx1.redhat.com ([209.132.183.28]:16055) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4fa5-0006Xy-Ta for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 16:36:35 -0500 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q25LZct2011679 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 5 Mar 2012 16:35:38 -0500 Received: from [10.3.238.28] (vpn-238-28.phx2.redhat.com [10.3.238.28]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q25LZae3032184; Mon, 5 Mar 2012 16:35:37 -0500 From: Ondrej Vasik In-Reply-To: <1469582.iCF4gxA84d@linuix> References: <4D9442D4.6040409@computersalat.de> <2411505.tSNBBOCSkd@linuix> <4F54EF08.2070802@cs.ucla.edu> <1469582.iCF4gxA84d@linuix> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Mon, 05 Mar 2012 22:35:35 +0100 Message-ID: <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Mon, 2012-03-05 at 21:20 +0100, Bruno Haible wrote: > Paul Eggert wrote: > > this use of "+" does not conflict with input usages like > > "chmod +x foo". > > It's because this use of '+' is easy to remember. > "chmod +x" means "add execution permissions". > "chmod -x" means "remove execution permissions". > > You want a symbol for "assign exact permissions". > IMO the equals sign is a more well-known symbol for assignment than '@'. > So, how about a notation > chmod =755 > or > chmod =rw-r--r-- The only concern I have with equal sign (which was proposed by Paul as the first candidate as well - see http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8391#50 ) is the confusion with the equal sign in the symbolic mode specification - this one should be for combination with numeric octal mode. Therefore @ sign was chosen based on http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8391#59 ... However, you are right that = is more intuitive (using exact mode, when specified as first character) - but using it for that will either change behaviour or confuse people for 'chmod =rwx DIR' usecase, if there are special bits on directory. Greetings, Ondrej From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Bruno Haible Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Mon, 05 Mar 2012 22:29:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: ovasik@redhat.com Cc: chris@computersalat.de, Eric Blake , Paul Eggert , bug-gnulib@gnu.org, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.1330986539608 (code B ref 8391); Mon, 05 Mar 2012 22:29:03 +0000 Received: (at 8391) by debbugs.gnu.org; 5 Mar 2012 22:28:59 +0000 Received: from localhost ([127.0.0.1]:34914 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4gOj-00009S-8t for submit@debbugs.gnu.org; Mon, 05 Mar 2012 17:28:58 -0500 Received: from mo-p00-ob.rzone.de ([81.169.146.161]:50801) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4gOI-00008p-Dc for 8391@debbugs.gnu.org; Mon, 05 Mar 2012 17:28:41 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; t=1330986455; l=765; s=domk; d=haible.de; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Date:Subject:Cc:To:From:X-RZG-CLASS-ID:X-RZG-AUTH; bh=PHi4nD272ym+O4O/JhP5PwfrrBk=; b=UeG1yYf1lQ9mnVFgYaiZooS3pbNQp1ZKd0x8RTdn1FeH71BayvyG1xjudFf2Oq92lOm VpqSkzdKFu0wQckjP9jDPTtJFZ2Q+i+HeztKcPQ8UyiMBMr0XXJNr9dgfkb0PVa8RKVJ9 RWNv+inmitLMaVmz3+8/Arm5z3iCzjBQZ0Y= X-RZG-AUTH: :Ln4Re0+Ic/6oZXR1YgKryK8brksyK8dozXDwHXjf9hj/zDNRbvY44zMkpA== X-RZG-CLASS-ID: mo00 Received: from linuix.haible.de (dslb-088-068-070-142.pools.arcor-ip.net [88.68.70.142]) by smtp.strato.de (klopstock mo14) (RZmta 27.7 DYNA|AUTH) with ESMTPA id d000b0o25Kf5Pc ; Mon, 5 Mar 2012 23:27:12 +0100 (MET) From: Bruno Haible Date: Mon, 05 Mar 2012 23:27:34 +0100 Message-ID: <2348432.5dMx3pRzdk@linuix> User-Agent: KMail/4.7.4 (Linux/3.1.0-1.2-desktop; KDE/4.7.4; x86_64; ; ) In-Reply-To: <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> References: <4D9442D4.6040409@computersalat.de> <1469582.iCF4gxA84d@linuix> <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Ondrej Vasik wrote: > Therefore @ sign was chosen > based on http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8391#59 ... The choice was pretty random: "we can choose some otherwise-unused character, such as '@'." By the same argument one could also choose any of '%' '^' ',' '.' '_' > However, you are right that = is more intuitive (using exact mode, when > specified as first character) - but using it for that will either change > behaviour or confuse people for 'chmod =rwx DIR' usecase, if there are > special bits on directory. Then how about using "==" or ":=" to designate the assignment? chmod ==755 DIR or chmod :=755 DIR Both somehow remind assignment. The "==" choice also is similar with chmod 00755 DIR Bruno From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Ondrej Vasik Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 06 Mar 2012 06:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Bruno Haible Cc: chris@computersalat.de, Eric Blake , Paul Eggert , bug-gnulib@gnu.org, 8391@debbugs.gnu.org Reply-To: ovasik@redhat.com Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.13310140498308 (code B ref 8391); Tue, 06 Mar 2012 06:08:02 +0000 Received: (at 8391) by debbugs.gnu.org; 6 Mar 2012 06:07:29 +0000 Received: from localhost ([127.0.0.1]:35128 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4nYW-00029n-KU for submit@debbugs.gnu.org; Tue, 06 Mar 2012 01:07:29 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54359) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4nYI-00027X-L7 for 8391@debbugs.gnu.org; Tue, 06 Mar 2012 01:07:16 -0500 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q2666F73032229 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 6 Mar 2012 01:06:15 -0500 Received: from [10.3.238.28] (vpn-238-28.phx2.redhat.com [10.3.238.28]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q2666C8f012385; Tue, 6 Mar 2012 01:06:13 -0500 From: Ondrej Vasik In-Reply-To: <2348432.5dMx3pRzdk@linuix> References: <4D9442D4.6040409@computersalat.de> <1469582.iCF4gxA84d@linuix> <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> <2348432.5dMx3pRzdk@linuix> Content-Type: text/plain; charset="UTF-8" Organization: Red Hat, Inc. Date: Tue, 06 Mar 2012 07:06:11 +0100 Message-ID: <1331013971.28107.36.camel@dhcp-24-196.brq.redhat.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-Spam-Score: -6.9 (------) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.9 (------) On Mon, 2012-03-05 at 23:27 +0100, Bruno Haible wrote: > Ondrej Vasik wrote: > > Therefore @ sign was chosen > > based on http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8391#59 ... > > The choice was pretty random: > "we can choose some otherwise-unused character, such as '@'." > > By the same argument one could also choose any of > '%' > '^' > ',' > '.' > '_' Yes, that's true - and as it is new, it is less probable that the mode with this new otherwise-unused character will cause some confusion or troubles. But any of them is contra intuitive... > > However, you are right that = is more intuitive (using exact mode, when > > specified as first character) - but using it for that will either change > > behaviour or confuse people for 'chmod =rwx DIR' usecase, if there are > > special bits on directory. > > Then how about using "==" or ":=" to designate the assignment? > > chmod ==755 DIR > or > chmod :=755 DIR > > Both somehow remind assignment. The "==" choice also is similar with > chmod 00755 DIR Yes, "==" and ":=" preceeding the mode sounds as an option - but I'm still a bit worried about unwanted behaviour when an unexperienced user will use only one equation mark with the intention of forcing exact mode. However, single = in combination with numeric mode will report invalid mode anyway. New, previously unused character, mitigates the risk of such confusion anyway. Greetings, Ondrej From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 06 Mar 2012 07:29:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Bruno Haible Cc: chris@computersalat.de, bug-gnulib@gnu.org, ovasik@redhat.com, 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133101889015351 (code B ref 8391); Tue, 06 Mar 2012 07:29:02 +0000 Received: (at 8391) by debbugs.gnu.org; 6 Mar 2012 07:28:10 +0000 Received: from localhost ([127.0.0.1]:35136 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4ooa-0003z5-Vt for submit@debbugs.gnu.org; Tue, 06 Mar 2012 02:28:10 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:48972) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4ooE-0003yY-9S for 8391@debbugs.gnu.org; Tue, 06 Mar 2012 02:27:58 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 916BE39E800B; Mon, 5 Mar 2012 23:26:53 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zgAO0fsxc+Yr; Mon, 5 Mar 2012 23:26:52 -0800 (PST) Received: from [192.168.1.10] (pool-71-189-109-235.lsanca.fios.verizon.net [71.189.109.235]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 2383839E8008; Mon, 5 Mar 2012 23:26:52 -0800 (PST) Message-ID: <4F55BC40.2030506@cs.ucla.edu> Date: Mon, 05 Mar 2012 23:26:56 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 References: <4D9442D4.6040409@computersalat.de> <1469582.iCF4gxA84d@linuix> <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> <2348432.5dMx3pRzdk@linuix> In-Reply-To: <2348432.5dMx3pRzdk@linuix> Content-Type: multipart/mixed; boundary="------------020803040805030401060705" X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) This is a multi-part message in MIME format. --------------020803040805030401060705 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 03/05/2012 02:27 PM, Bruno Haible wrote: > Then how about using "==" or ":=" to designate the assignment? That's too fancy. Plain '=' would be better. We can also support notations like '+700' and '-77' to OR-in or AND-out arbitrary masks. This would be a clear and straightforward extension to the existing symbolic modes. Something like the attached patches for gnulib and coreutils, perhaps? If this looks OK I'll add test cases. --------------020803040805030401060705 Content-Type: text/plain; name="gnulib-patch.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="gnulib-patch.txt" bW9kZWNoYW5nZTogYWRkIG5vdGF0aW9ucyArNDAsIDAwNDQwLCBldGMuCiogbGliL21vZGVj aGFuZ2UuYyAobW9kZV9jb21waWxlKTogU3VwcG9ydCBuZXcgbm90YXRpb25zCis0MCwgLTQw LCA9NDQwLCAwMDQ0MC4gIFNlZSA8aHR0cDovL2RlYmJ1Z3MuZ251Lm9yZy84MzkxPi4KZGlm ZiAtLWdpdCBhL2xpYi9tb2RlY2hhbmdlLmMgYi9saWIvbW9kZWNoYW5nZS5jCmluZGV4IDRh ZTkwY2EuLmVhNDZiNmMgMTAwNjQ0Ci0tLSBhL2xpYi9tb2RlY2hhbmdlLmMKKysrIGIvbGli L21vZGVjaGFuZ2UuYwpAQCAtMTM2LDYgKzEzNiw3IEBAIG1vZGVfY29tcGlsZSAoY2hhciBj b25zdCAqbW9kZV9zdHJpbmcpCiAgIC8qIFRoZSBhcnJheSBvZiBtb2RlLWNoYW5nZSBkaXJl Y3RpdmVzIHRvIGJlIHJldHVybmVkLiAgKi8KICAgc3RydWN0IG1vZGVfY2hhbmdlICptYzsK ICAgc2l6ZV90IHVzZWQgPSAwOworICBjaGFyIGNvbnN0ICpwOwoKICAgaWYgKCcwJyA8PSAq bW9kZV9zdHJpbmcgJiYgKm1vZGVfc3RyaW5nIDwgJzgnKQogICAgIHsKQEAgLTE0Myw0MCAr MTQ0LDQzIEBAIG1vZGVfY29tcGlsZSAoY2hhciBjb25zdCAqbW9kZV9zdHJpbmcpCiAgICAg ICBtb2RlX3QgbW9kZTsKICAgICAgIG1vZGVfdCBtZW50aW9uZWQ7CgorICAgICAgcCA9IG1v ZGVfc3RyaW5nOwogICAgICAgZG8KICAgICAgICAgewotICAgICAgICAgIG9jdGFsX21vZGUg PSA4ICogb2N0YWxfbW9kZSArICptb2RlX3N0cmluZysrIC0gJzAnOworICAgICAgICAgIG9j dGFsX21vZGUgPSA4ICogb2N0YWxfbW9kZSArICpwKysgLSAnMCc7CiAgICAgICAgICAgaWYg KEFMTE0gPCBvY3RhbF9tb2RlKQogICAgICAgICAgICAgcmV0dXJuIE5VTEw7CiAgICAgICAg IH0KLSAgICAgIHdoaWxlICgnMCcgPD0gKm1vZGVfc3RyaW5nICYmICptb2RlX3N0cmluZyA8 ICc4Jyk7CisgICAgICB3aGlsZSAoJzAnIDw9ICpwICYmICpwIDwgJzgnKTsKCi0gICAgICBp ZiAoKm1vZGVfc3RyaW5nKQorICAgICAgaWYgKCpwKQogICAgICAgICByZXR1cm4gTlVMTDsK CiAgICAgICBtb2RlID0gb2N0YWxfdG9fbW9kZSAob2N0YWxfbW9kZSk7Ci0gICAgICBtZW50 aW9uZWQgPSAobW9kZSAmIChTX0lTVUlEIHwgU19JU0dJRCkpIHwgU19JU1ZUWCB8IFNfSVJX WFVHTzsKKyAgICAgIG1lbnRpb25lZCA9IChwIC0gbW9kZV9zdHJpbmcgPCA1CisgICAgICAg ICAgICAgICAgICAgPyAobW9kZSAmIChTX0lTVUlEIHwgU19JU0dJRCkpIHwgU19JU1ZUWCB8 IFNfSVJXWFVHTworICAgICAgICAgICAgICAgICAgIDogQ0hNT0RfTU9ERV9CSVRTKTsKICAg ICAgIHJldHVybiBtYWtlX25vZGVfb3BfZXF1YWxzIChtb2RlLCBtZW50aW9uZWQpOwogICAg IH0KCiAgIC8qIEFsbG9jYXRlIGVub3VnaCBzcGFjZSB0byBob2xkIHRoZSByZXN1bHQuICAq LwogICB7CiAgICAgc2l6ZV90IG5lZWRlZCA9IDE7Ci0gICAgY2hhciBjb25zdCAqcDsKICAg ICBmb3IgKHAgPSBtb2RlX3N0cmluZzsgKnA7IHArKykKICAgICAgIG5lZWRlZCArPSAoKnAg PT0gJz0nIHx8ICpwID09ICcrJyB8fCAqcCA9PSAnLScpOwogICAgIG1jID0geG5tYWxsb2Mg KG5lZWRlZCwgc2l6ZW9mICptYyk7CiAgIH0KCi0gIC8qIE9uZSBsb29wIGl0ZXJhdGlvbiBm b3IgZWFjaCAnW3Vnb2FdKihbLSs9XShbcnd4WHN0XSp8W3Vnb10pKSsnLiAgKi8KLSAgZm9y ICg7OyBtb2RlX3N0cmluZysrKQorICAvKiBPbmUgbG9vcCBpdGVyYXRpb24gZm9yIGVhY2gK KyAgICAgJ1t1Z29hXSooWy0rPV0oW3J3eFhzdF0qfFt1Z29dKSkrfFstKz1dWzAtN10rJy4g ICovCisgIGZvciAocCA9IG1vZGVfc3RyaW5nOyA7IHArKykKICAgICB7CiAgICAgICAvKiBX aGljaCBiaXRzIGluIHRoZSBtb2RlIGFyZSBvcGVyYXRlZCBvbi4gICovCiAgICAgICBtb2Rl X3QgYWZmZWN0ZWQgPSAwOwoKICAgICAgIC8qIFR1cm4gb24gYWxsIHRoZSBiaXRzIGluICdh ZmZlY3RlZCcgZm9yIGVhY2ggZ3JvdXAgZ2l2ZW4uICAqLwotICAgICAgZm9yICg7OyBtb2Rl X3N0cmluZysrKQotICAgICAgICBzd2l0Y2ggKCptb2RlX3N0cmluZykKKyAgICAgIGZvciAo OzsgcCsrKQorICAgICAgICBzd2l0Y2ggKCpwKQogICAgICAgICAgIHsKICAgICAgICAgICBk ZWZhdWx0OgogICAgICAgICAgICAgZ290byBpbnZhbGlkOwpAQCAtMTk5LDM1ICsyMDMsNTkg QEAgbW9kZV9jb21waWxlIChjaGFyIGNvbnN0ICptb2RlX3N0cmluZykKCiAgICAgICBkbwog ICAgICAgICB7Ci0gICAgICAgICAgY2hhciBvcCA9ICptb2RlX3N0cmluZysrOworICAgICAg ICAgIGNoYXIgb3AgPSAqcCsrOwogICAgICAgICAgIG1vZGVfdCB2YWx1ZTsKICAgICAgICAg ICBjaGFyIGZsYWcgPSBNT0RFX0NPUFlfRVhJU1RJTkc7CiAgICAgICAgICAgc3RydWN0IG1v ZGVfY2hhbmdlICpjaGFuZ2U7CgotICAgICAgICAgIHN3aXRjaCAoKm1vZGVfc3RyaW5nKysp CisgICAgICAgICAgc3dpdGNoICgqcCkKICAgICAgICAgICAgIHsKKyAgICAgICAgICAgIGNh c2UgJzAnOiBjYXNlICcxJzogY2FzZSAnMic6IGNhc2UgJzMnOgorICAgICAgICAgICAgY2Fz ZSAnNCc6IGNhc2UgJzUnOiBjYXNlICc2JzogY2FzZSAnNyc6CisgICAgICAgICAgICAgIHsK KyAgICAgICAgICAgICAgICB1bnNpZ25lZCBpbnQgb2N0YWxfbW9kZSA9IDA7CisKKyAgICAg ICAgICAgICAgICBkbworICAgICAgICAgICAgICAgICAgeworICAgICAgICAgICAgICAgICAg ICBvY3RhbF9tb2RlID0gOCAqIG9jdGFsX21vZGUgKyAqcCsrIC0gJzAnOworICAgICAgICAg ICAgICAgICAgICBpZiAoQUxMTSA8IG9jdGFsX21vZGUpCisgICAgICAgICAgICAgICAgICAg ICAgcmV0dXJuIE5VTEw7CisgICAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICAgICAg d2hpbGUgKCcwJyA8PSAqcCAmJiAqcCA8ICc4Jyk7CisKKyAgICAgICAgICAgICAgICBpZiAo YWZmZWN0ZWQgfHwgKCpwICYmICpwICE9ICcsJykpCisgICAgICAgICAgICAgICAgICByZXR1 cm4gTlVMTDsKKyAgICAgICAgICAgICAgICBhZmZlY3RlZCA9IENITU9EX01PREVfQklUUzsK KyAgICAgICAgICAgICAgICB2YWx1ZSA9IG9jdGFsX3RvX21vZGUgKG9jdGFsX21vZGUpOwor ICAgICAgICAgICAgICAgIGZsYWcgPSBNT0RFX09SRElOQVJZX0NIQU5HRTsKKyAgICAgICAg ICAgICAgICBicmVhazsKKyAgICAgICAgICAgICAgfQorCiAgICAgICAgICAgICBjYXNlICd1 JzoKICAgICAgICAgICAgICAgLyogU2V0IHRoZSBhZmZlY3RlZCBiaXRzIHRvIHRoZSB2YWx1 ZSBvZiB0aGUgInUiIGJpdHMKICAgICAgICAgICAgICAgICAgb24gdGhlIHNhbWUgZmlsZS4g ICovCiAgICAgICAgICAgICAgIHZhbHVlID0gU19JUldYVTsKKyAgICAgICAgICAgICAgcCsr OwogICAgICAgICAgICAgICBicmVhazsKICAgICAgICAgICAgIGNhc2UgJ2cnOgogICAgICAg ICAgICAgICAvKiBTZXQgdGhlIGFmZmVjdGVkIGJpdHMgdG8gdGhlIHZhbHVlIG9mIHRoZSAi ZyIgYml0cwogICAgICAgICAgICAgICAgICBvbiB0aGUgc2FtZSBmaWxlLiAgKi8KICAgICAg ICAgICAgICAgdmFsdWUgPSBTX0lSV1hHOworICAgICAgICAgICAgICBwKys7CiAgICAgICAg ICAgICAgIGJyZWFrOwogICAgICAgICAgICAgY2FzZSAnbyc6CiAgICAgICAgICAgICAgIC8q IFNldCB0aGUgYWZmZWN0ZWQgYml0cyB0byB0aGUgdmFsdWUgb2YgdGhlICJvIiBiaXRzCiAg ICAgICAgICAgICAgICAgIG9uIHRoZSBzYW1lIGZpbGUuICAqLwogICAgICAgICAgICAgICB2 YWx1ZSA9IFNfSVJXWE87CisgICAgICAgICAgICAgIHArKzsKICAgICAgICAgICAgICAgYnJl YWs7CgogICAgICAgICAgICAgZGVmYXVsdDoKICAgICAgICAgICAgICAgdmFsdWUgPSAwOwog ICAgICAgICAgICAgICBmbGFnID0gTU9ERV9PUkRJTkFSWV9DSEFOR0U7CgotICAgICAgICAg ICAgICBmb3IgKG1vZGVfc3RyaW5nLS07OyBtb2RlX3N0cmluZysrKQotICAgICAgICAgICAg ICAgIHN3aXRjaCAoKm1vZGVfc3RyaW5nKQorICAgICAgICAgICAgICBmb3IgKDs7IHArKykK KyAgICAgICAgICAgICAgICBzd2l0Y2ggKCpwKQogICAgICAgICAgICAgICAgICAgewogICAg ICAgICAgICAgICAgICAgY2FzZSAncic6CiAgICAgICAgICAgICAgICAgICAgIHZhbHVlIHw9 IFNfSVJVU1IgfCBTX0lSR1JQIHwgU19JUk9USDsKQEAgLTI2MiwxNCArMjkwLDEzIEBAIG1v ZGVfY29tcGlsZSAoY2hhciBjb25zdCAqbW9kZV9zdHJpbmcpCiAgICAgICAgICAgY2hhbmdl LT52YWx1ZSA9IHZhbHVlOwogICAgICAgICAgIGNoYW5nZS0+bWVudGlvbmVkID0gKGFmZmVj dGVkID8gYWZmZWN0ZWQgJiB2YWx1ZSA6IHZhbHVlKTsKICAgICAgICAgfQotICAgICAgd2hp bGUgKCptb2RlX3N0cmluZyA9PSAnPScgfHwgKm1vZGVfc3RyaW5nID09ICcrJwotICAgICAg ICAgICAgIHx8ICptb2RlX3N0cmluZyA9PSAnLScpOworICAgICAgd2hpbGUgKCpwID09ICc9 JyB8fCAqcCA9PSAnKycgfHwgKnAgPT0gJy0nKTsKCi0gICAgICBpZiAoKm1vZGVfc3RyaW5n ICE9ICcsJykKKyAgICAgIGlmICgqcCAhPSAnLCcpCiAgICAgICAgIGJyZWFrOwogICAgIH0K Ci0gIGlmICgqbW9kZV9zdHJpbmcgPT0gMCkKKyAgaWYgKCpwID09IDApCiAgICAgewogICAg ICAgbWNbdXNlZF0uZmxhZyA9IE1PREVfRE9ORTsKICAgICAgIHJldHVybiBtYzsK --------------020803040805030401060705 Content-Type: text/plain; name="cu-patch.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="cu-patch.txt" Y2htb2Q6IGFkZCBub3RhdGlvbnMgKzQwLCAwMDQ0MCwgZXRjLgoqIE5FV1M6IERvY3VtZW50 IHRoaXMuCiogZG9jL3Blcm0udGV4aSAoT3BlcmF0b3IgTnVtZXJpYyBNb2Rlcyk6IE5ldyBz ZWN0aW9uLgooTnVtZXJpYyBNb2RlcywgRGlyZWN0b3J5IFNldHVpZCBhbmQgU2V0Z2lkKTog RG9jdW1lbnQgbmV3IGJlaGF2aW9yLgoqIHNyYy9jaG1vZC5jICh1c2FnZSk6IERvY3VtZW50 IG5ldyBiZWhhdmlvci4KKG1haW4pOiBTdXBwb3J0IG5ldyBvcHRpb25zIC0wLCAtMSwgZXRj LgpkaWZmIC0tZ2l0IGEvTkVXUyBiL05FV1MKaW5kZXggODAwNjY2OS4uNGYxMmE2MiAxMDA2 NDQKLS0tIGEvTkVXUworKysgYi9ORVdTCkBAIC00LDYgKzQsMjEgQEAgR05VIGNvcmV1dGls cyBORVdTICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLSotIG91dGxpbmUg LSotCgogKiogTmV3IGZlYXR1cmVzCgorICBBcyBhIEdOVSBleHRlbnNpb24sICdjaG1vZCcs ICdta2RpcicsIGFuZCAnaW5zdGFsbCcgbm93IGFjY2VwdCBvcGVyYXRvcnMKKyAgJy0nLCAn KycsICc9JyBmb2xsb3dlZCBieSBvY3RhbCBtb2RlczsgZm9yIGV4YW1wbGUsICdjaG1vZCAr NDAgRk9PJyBlbmFibGVzCisgIGFuZCAnY2htb2QgLTQwIEZPTycgZGlzYWJsZXMgRk9PJ3Mg Z3JvdXAtcmVhZCBwZXJtaXNzaW9ucy4gIE9wZXJhdG9yCisgIG51bWVyaWMgbW9kZXMgY2Fu IGJlIGNvbWJpbmVkIHdpdGggc3ltYm9saWMgbW9kZXMgYnkgc2VwYXJhdGluZyB0aGVtIHdp dGgKKyAgY29tbWFzOyBmb3IgZXhhbXBsZSwgPTAsdStyIGNsZWFycyBhbGwgcGVybWlzc2lv bnMgZXhjZXB0IGZvciBlbmFibGluZworICB1c2VyLXJlYWQgcGVybWlzc2lvbnMuICBVbmxp a2Ugb3JkaW5hcnkgbnVtZXJpYyBtb2Rlcywgb3BlcmF0b3IgbnVtZXJpYworICBtb2RlcyBk byBub3QgcHJlc2VydmUgZGlyZWN0b3J5IHNldHVpZCBhbmQgc2V0Z2lkIGJpdHM7IGZvciBl eGFtcGxlLAorICAnY2htb2QgPTAgRk9PJyBjbGVhcnMgYWxsIG9mIEZPTydzIHBlcm1pc3Np b25zLCBpbmNsdWRpbmcgc2V0dWlkIGFuZCBzZXRnaWQuCisKKyAgQWxzbywgb3JkaW5hcnkg bnVtZXJpYyBtb2RlcyB3aXRoIGZpdmUgb3IgbW9yZSBkaWdpdHMgbm8gbG9uZ2VyIHByZXNl cnZlCisgIHNldHVpZCBhbmQgc2V0Z2lkIGJpdHMsIHNvIHRoYXQgJ2NobW9kIDAwNzU1IEZP Tycgbm93IGNsZWFycyBGT08ncyBzZXR1aWQKKyAgYW5kIHNldGdpZCBiaXRzLiAgVGhpcyBh bGxvd3Mgc2NyaXB0cyB0byBiZSBwb3J0YWJsZSB0byBvdGhlciBzeXN0ZW1zIHdoaWNoCisg IGxhY2sgdGhlIEdOVSBleHRlbnNpb24gbWVudGlvbmVkIHByZXZpb3VzbHksIGFuZCB3aGVy ZSBvcmRpbmFyeSBudW1lcmljCisgIG1vZGVzIGRvIG5vdCBwcmVzZXJ2ZSBkaXJlY3Rvcnkg c2V0dWlkIGFuZCBzZXRnaWQgYml0cy4KKwogICBkZCBub3cgYWNjZXB0cyB0aGUgY291bnRf Ynl0ZXMsIHNraXBfYnl0ZXMgaWZsYWdzIGFuZCB0aGUgc2Vla19ieXRlcwogICBvZmxhZywg dG8gbW9yZSBlYXNpbHkgYWxsb3cgcHJvY2Vzc2luZyBwb3J0aW9ucyBvZiBhIGZpbGUuCgpk aWZmIC0tZ2l0IGEvZG9jL3Blcm0udGV4aSBiL2RvYy9wZXJtLnRleGkKaW5kZXggODRmODUw MC4uYzM2ZjhhYyAxMDA2NDQKLS0tIGEvZG9jL3Blcm0udGV4aQorKysgYi9kb2MvcGVybS50 ZXhpCkBAIC0xNyw2ICsxNyw3IEBAIHN5bWJvbGljIGZvcm0gb3IgYXMgYW4gb2N0YWwgbnVt YmVyLgogKiBNb2RlIFN0cnVjdHVyZTo6ICAgICAgICAgICAgICBTdHJ1Y3R1cmUgb2YgZmls ZSBtb2RlIGJpdHMuCiAqIFN5bWJvbGljIE1vZGVzOjogICAgICAgICAgICAgIE1uZW1vbmlj IHJlcHJlc2VudGF0aW9uIG9mIGZpbGUgbW9kZSBiaXRzLgogKiBOdW1lcmljIE1vZGVzOjog ICAgICAgICAgICAgICBGaWxlIG1vZGUgYml0cyBhcyBvY3RhbCBudW1iZXJzLgorKiBPcGVy YXRvciBOdW1lcmljIE1vZGVzOjogICAgICBBTkRpbmcsIE9SaW5nLCBhbmQgc2V0dGluZyBt b2RlcyBvY3RhbGx5LgogKiBEaXJlY3RvcnkgU2V0dWlkIGFuZCBTZXRnaWQ6OiBTZXQtdXNl ci1JRCBhbmQgc2V0LWdyb3VwLUlEIG9uIGRpcmVjdG9yaWVzLgogQGVuZCBtZW51CgpAQCAt NDk1LDEzICs0OTYsMTYgQEAgYWx0ZXJuYXRpdmUgdG8gZ2l2aW5nIGEgc3ltYm9saWMgbW9k ZSwgeW91IGNhbiBnaXZlIGFuIG9jdGFsIChiYXNlIDgpCiBudW1iZXIgdGhhdCByZXByZXNl bnRzIHRoZSBtb2RlLgogVGhpcyBudW1iZXIgaXMgYWx3YXlzIGludGVycHJldGVkIGluIG9j dGFsOyB5b3UgZG8gbm90IGhhdmUgdG8gYWRkIGEKIGxlYWRpbmcgQHNhbXB7MH0sIGFzIHlv dSBkbyBpbiBDLiAgTW9kZSBAc2FtcHswMDU1fSBpcyB0aGUgc2FtZSBhcwotbW9kZSBAc2Ft cHs1NX0uCittb2RlIEBzYW1wezU1fS4gIChIb3dldmVyLCBtb2RlcyBvZiBmaXZlIGRpZ2l0 cyBvciBtb3JlLCBzdWNoIGFzCitAc2FtcHswMDA1NX0sIGFyZSB0cmVhdGVkIHNwZWNpYWxs eS4gIEB4cmVme0RpcmVjdG9yeSBTZXR1aWQgYW5kIFNldGdpZH0uKQoKIEEgbnVtZXJpYyBt b2RlIGlzIHVzdWFsbHkgc2hvcnRlciB0aGFuIHRoZSBjb3JyZXNwb25kaW5nIHN5bWJvbGlj CiBtb2RlLCBidXQgaXQgaXMgbGltaXRlZCBpbiB0aGF0IG5vcm1hbGx5IGl0IGNhbm5vdCB0 YWtlIGludG8gYWNjb3VudCB0aGUKIHByZXZpb3VzIGZpbGUgbW9kZSBiaXRzOyBpdCBjYW4g b25seSBzZXQgdGhlbSBhYnNvbHV0ZWx5LgotKEFzIGRpc2N1c3NlZCBpbiB0aGUgbmV4dCBz ZWN0aW9uLCB0aGUgc2V0LXVzZXItSUQgYW5kIHNldC1ncm91cC1JRAotYml0cyBvZiBkaXJl Y3RvcmllcyBhcmUgYW4gZXhjZXB0aW9uIHRvIHRoaXMgZ2VuZXJhbCBsaW1pdGF0aW9uLikK K1RoZSBzZXQtdXNlci1JRCBhbmQgc2V0LWdyb3VwLUlEIGJpdHMgb2YgZGlyZWN0b3JpZXMg YXJlIGFuIGV4Y2VwdGlvbgordG8gdGhpcyBnZW5lcmFsIGxpbWl0YXRpb247IEB4cmVme0Rp cmVjdG9yeSBTZXR1aWQgYW5kIFNldGdpZH0uCitBbHNvLCBvcGVyYXRvciBudW1lcmljIG1v ZGVzIGNhbiB0YWtlIHByZXZpb3VzIGZpbGUgbW9kZSBiaXRzIGludG8KK2FjY291bnQ7IEB4 cmVme09wZXJhdG9yIE51bWVyaWMgTW9kZXN9LgoKIFRoZSBwZXJtaXNzaW9ucyBncmFudGVk IHRvIHRoZSB1c2VyLAogdG8gb3RoZXIgdXNlcnMgaW4gdGhlIGZpbGUncyBncm91cCwKQEAg LTU0MSw2ICs1NDUsMjYgQEAgRm9yIGV4YW1wbGUsIG51bWVyaWMgbW9kZSBAc2FtcHs0NzU1 fSBjb3JyZXNwb25kcyB0byBzeW1ib2xpYyBtb2RlCiBAc2FtcHt1Zz1ydyxvPXJ9LiAgTnVt ZXJpYyBtb2RlIEBzYW1wezB9IGNvcnJlc3BvbmRzIHRvIHN5bWJvbGljIG1vZGUKIEBzYW1w e2E9fS4KCitAbm9kZSBPcGVyYXRvciBOdW1lcmljIE1vZGVzCitAc2VjdGlvbiBPcGVyYXRv ciBOdW1lcmljIE1vZGVzCisKK0FuIG9wZXJhdG9yIG51bWVyaWMgbW9kZSBpcyBhIG51bWVy aWMgbW9kZSB0aGF0IGlzIHByZWZpeGVkIGJ5IGEKK0BzYW1wey19LCBAc2FtcHsrfSwgb3Ig QHNhbXB7PX0gb3BlcmF0b3IsIHdoaWNoIGhhcyB0aGUgc2FtZQoraW50ZXJwcmV0YXRpb24g YXMgaW4gc3ltYm9saWMgbW9kZXMuICBGb3IgZXhhbXBsZSwgQHNhbXB7KzQ0MH0gZW5hYmxl cworcmVhZCBwZXJtaXNzaW9uIGZvciB0aGUgZmlsZSdzIG93bmVyIGFuZCBncm91cCwgQHNh bXB7LTF9IGRpc2FibGVzCitleGVjdXRlIHBlcm1pc3Npb24gZm9yIG90aGVyIHVzZXJzLCBh bmQgQHNhbXB7PTYwMH0gY2xlYXJzIGFsbAorcGVybWlzc2lvbnMgdGhhdCBpdCBlbmFibGVz IHJlYWQtd3JpdGUgcGVybWlzc2lvbnMgZm9yIHRoZSBmaWxlJ3MKK293bmVyLiAgT3BlcmF0 b3IgbnVtZXJpYyBtb2RlcyBjYW4gYmUgY29tYmluZWQgd2l0aCBzeW1ib2xpYyBtb2RlcyBi eQorc2VwYXJhdGluZyB0aGVtIHdpdGggYSBjb21tYTsgZm9yIGV4YW1wbGUsIEBzYW1wez0w LHUrcn0gY2xlYXJzIGFsbAorcGVybWlzc2lvbnMgZXhjZXB0IGZvciBlbmFibGluZyByZWFk IHBlcm1pc3Npb24gZm9yIHRoZSBmaWxlJ3Mgb3duZXIuCisKK1RoZSBjb21tYW5kcyBAc2Ft cHtjaG1vZCA9NzU1IEB2YXJ7ZGlyfX0gYW5kIEBzYW1we2NobW9kIDc1NQorQHZhcntkaXJ9 fSBkaWZmZXIgaW4gdGhhdCB0aGUgZm9ybWVyIGNsZWFycyB0aGUgZGlyZWN0b3J5IEB2YXJ7 ZGlyfSdzCitzZXR1aWQgYW5kIHNldGdpZCBiaXRzLCB3aGVyZWFzIHRoZSBsYXR0ZXIgcHJl c2VydmVzIHRoZW0uCitAeHJlZntEaXJlY3RvcnkgU2V0dWlkIGFuZCBTZXRnaWR9LgorCitP cGVyYXRvciBudW1lcmljIG1vZGVzIGFyZSBhIEBhY3Jvbnlte0dOVX0gZXh0ZW5zaW9uLgor CiBAbm9kZSBEaXJlY3RvcnkgU2V0dWlkIGFuZCBTZXRnaWQKIEBzZWN0aW9uIERpcmVjdG9y aWVzIGFuZCB0aGUgU2V0LVVzZXItSUQgYW5kIFNldC1Hcm91cC1JRCBCaXRzCgpAQCAtNTU5 LDggKzU4MywxMCBAQCBiaXRzIG9mIGRpcmVjdG9yaWVzLiAgSWYgY29tbWFuZHMgbGlrZSBA Y29tbWFuZHtjaG1vZH0gYW5kCiBtZWNoYW5pc21zIHdvdWxkIGJlIGxlc3MgY29udmVuaWVu dCBhbmQgaXQgd291bGQgYmUgaGFyZGVyIHRvIHNoYXJlCiBmaWxlcy4gIFRoZXJlZm9yZSwg YSBjb21tYW5kIGxpa2UgQGNvbW1hbmR7Y2htb2R9IGRvZXMgbm90IGFmZmVjdCB0aGUKIHNl dC11c2VyLUlEIG9yIHNldC1ncm91cC1JRCBiaXRzIG9mIGEgZGlyZWN0b3J5IHVubGVzcyB0 aGUgdXNlcgotc3BlY2lmaWNhbGx5IG1lbnRpb25zIHRoZW0gaW4gYSBzeW1ib2xpYyBtb2Rl LCBvciBzZXRzIHRoZW0gaW4KLWEgbnVtZXJpYyBtb2RlLiAgRm9yIGV4YW1wbGUsIG9uIHN5 c3RlbXMgdGhhdCBzdXBwb3J0CitzcGVjaWZpY2FsbHkgbWVudGlvbnMgdGhlbSBpbiBhIHN5 bWJvbGljIG1vZGUsIG9yIHVzZXMgYW4gb3BlcmF0b3IKK251bWVyaWMgbW9kZSBzdWNoIGFz IEBzYW1wez03NTV9LCBvciBzZXRzIHRoZW0gaW4gYSBudW1lcmljIG1vZGUsIG9yCitjbGVh cnMgdGhlbSBpbiBhIG51bWVyaWMgbW9kZSB0aGF0IGhhcyBmaXZlIG9yIG1vcmUgb2N0YWwg ZGlnaXRzLgorRm9yIGV4YW1wbGUsIG9uIHN5c3RlbXMgdGhhdCBzdXBwb3J0CiBzZXQtZ3Jv dXAtSUQgaW5oZXJpdGFuY2U6CgogQGV4YW1wbGUKQEAgLTU4MiwyMCArNjA4LDI3IEBAIGV4 cGxpY2l0bHkgaW4gdGhlIHN5bWJvbGljIG9yIG51bWVyaWMgbW9kZXMsIGUuZy46CiBAZXhh bXBsZQogIyBUaGVzZSBjb21tYW5kcyB0cnkgdG8gc2V0IHRoZSBzZXQtdXNlci1JRAogIyBh bmQgc2V0LWdyb3VwLUlEIGJpdHMgb2YgdGhlIHN1YmRpcmVjdG9yaWVzLgotbWtkaXIgRyBI Citta2RpciBHCiBjaG1vZCA2NzU1IEcKLWNobW9kIHU9cnd4LGdvPXJ4LGErcyBICi1ta2Rp ciAtbSA2NzU1IEkKK2NobW9kICs2MDAwIEcKK2NobW9kIHU9cnd4LGdvPXJ4LGErcyBHCitt a2RpciAtbSA2NzU1IEgKK21rZGlyIC1tICs2MDAwIEkKIG1rZGlyIC1tIHU9cnd4LGdvPXJ4 LGErcyBKCiBAZW5kIGV4YW1wbGUKCiBJZiB5b3Ugd2FudCB0byB0cnkgdG8gY2xlYXIgdGhl c2UgYml0cywgeW91IG11c3QgbWVudGlvbiB0aGVtCi1leHBsaWNpdGx5IGluIGEgc3ltYm9s aWMgbW9kZSwgZS5nLjoKK2V4cGxpY2l0bHkgaW4gYSBzeW1ib2xpYyBtb2RlLCBvciB1c2Ug YSBzeW1ib2xpYyBtb2RlIGNvbnRhaW5pbmcKKz1AdmFye29jdGFsLWRpZ2l0c30sIG9yIHNw ZWNpZnkgYSBudW1lcmljIG1vZGUgd2l0aCBmaXZlIG9yIG1vcmUgb2N0YWwKK2RpZ2l0cywg ZS5nLjoKCiBAZXhhbXBsZQotIyBUaGlzIGNvbW1hbmQgdHJpZXMgdG8gY2xlYXIgdGhlIHNl dC11c2VyLUlECisjIFRoZXNlIGNvbW1hbmRzIHRyeSB0byBjbGVhciB0aGUgc2V0LXVzZXIt SUQKICMgYW5kIHNldC1ncm91cC1JRCBiaXRzIG9mIHRoZSBkaXJlY3RvcnkgRC4KIGNobW9k IGEtcyBECitjaG1vZCAtNjAwMCBECitjaG1vZCA9NzU1IEQKK2NobW9kIDAwNzU1IEQKIEBl bmQgZXhhbXBsZQoKIFRoaXMgYmVoYXZpb3IgaXMgYSBAYWNyb255bXtHTlV9IGV4dGVuc2lv bi4gIFBvcnRhYmxlIHNjcmlwdHMgc2hvdWxkCmRpZmYgLS1naXQgYS9zcmMvY2htb2QuYyBi L3NyYy9jaG1vZC5jCmluZGV4IGExMzRlM2YuLmFhNGFjNzcgMTAwNjQ0Ci0tLSBhL3NyYy9j aG1vZC5jCisrKyBiL3NyYy9jaG1vZC5jCkBAIC0zOTgsNyArMzk4LDcgQEAgV2l0aCAtLXJl ZmVyZW5jZSwgY2hhbmdlIHRoZSBtb2RlIG9mIGVhY2ggRklMRSB0byB0aGF0IG9mIFJGSUxF LlxuXAogICAgICAgZnB1dHMgKFZFUlNJT05fT1BUSU9OX0RFU0NSSVBUSU9OLCBzdGRvdXQp OwogICAgICAgZnB1dHMgKF8oIlwKIFxuXAotRWFjaCBNT0RFIGlzIG9mIHRoZSBmb3JtICdb dWdvYV0qKFstKz1dKFtyd3hYc3RdKnxbdWdvXSkpKycuXG5cCitFYWNoIE1PREUgaXMgb2Yg dGhlIGZvcm0gJ1t1Z29hXSooWy0rPV0oW3J3eFhzdF0qfFt1Z29dKSkrfFstKz1dWzAtN10r Jy5cblwKICIpLCBzdGRvdXQpOwogICAgICAgZW1pdF9hbmNpbGxhcnlfaW5mbyAoKTsKICAg ICB9CkBAIC00MzAsNyArNDMwLDggQEAgbWFpbiAoaW50IGFyZ2MsIGNoYXIgKiphcmd2KQog ICByZWN1cnNlID0gZm9yY2Vfc2lsZW50ID0gZGlhZ25vc2Vfc3VycHJpc2VzID0gZmFsc2U7 CgogICB3aGlsZSAoKGMgPSBnZXRvcHRfbG9uZyAoYXJnYywgYXJndiwKLSAgICAgICAgICAg ICAgICAgICAgICAgICAgICJSY2Z2cjo6dzo6eDo6WDo6czo6dDo6dTo6Zzo6bzo6YTo6LDo6 Kzo6PTo6IiwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICgiUmNmdnI6Onc6Ong6Olg6 OnM6OnQ6OnU6Omc6Om86OmE6Oiw6Ois6Oj06OiIKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAiMDo6MTo6Mjo6Mzo6NDo6NTo6Njo6Nzo6IiksCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICBsb25nX29wdGlvbnMsIE5VTEwpKQogICAgICAgICAgIT0gLTEpCiAgICAgewpA QCAtNDQ5LDYgKzQ1MCw4IEBAIG1haW4gKGludCBhcmdjLCBjaGFyICoqYXJndikKICAgICAg ICAgY2FzZSAnLCc6CiAgICAgICAgIGNhc2UgJysnOgogICAgICAgICBjYXNlICc9JzoKKyAg ICAgICAgY2FzZSAnMCc6IGNhc2UgJzEnOiBjYXNlICcyJzogY2FzZSAnMyc6CisgICAgICAg IGNhc2UgJzQnOiBjYXNlICc1JzogY2FzZSAnNic6IGNhc2UgJzcnOgogICAgICAgICAgIC8q IFN1cHBvcnQgbm9ucG9ydGFibGUgdXNlcyBsaWtlICJjaG1vZCAtdyIsIGJ1dCBkaWFnbm9z ZQogICAgICAgICAgICAgIHN1cnByaXNlcyBkdWUgdG8gdW1hc2sgY29uZnVzaW9uLiAgRXZl biB0aG91Z2ggIi0tIiwgIi0tciIsCiAgICAgICAgICAgICAgZXRjLiwgYXJlIHZhbGlkIG1v ZGVzLCB0aGVyZSBpcyBubyAiY2FzZSAnLSciIGhlcmUgc2luY2UK --------------020803040805030401060705-- From unknown Sun Jun 22 22:45:54 2025 X-Loop: help-debbugs@gnu.org Subject: bug#8391: chmod setuid & setguid bits Resent-From: Jim Meyering Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 06 Mar 2012 08:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8391 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Paul Eggert Cc: chris@computersalat.de, bug-gnulib@gnu.org, Bruno Haible , 8391@debbugs.gnu.org Received: via spool by 8391-submit@debbugs.gnu.org id=B8391.133102334221928 (code B ref 8391); Tue, 06 Mar 2012 08:43:02 +0000 Received: (at 8391) by debbugs.gnu.org; 6 Mar 2012 08:42:22 +0000 Received: from localhost ([127.0.0.1]:35202 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4pyQ-0005hT-8M for submit@debbugs.gnu.org; Tue, 06 Mar 2012 03:42:22 -0500 Received: from mx.meyering.net ([88.168.87.75]:38064) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S4pyD-0005gn-E6 for 8391@debbugs.gnu.org; Tue, 06 Mar 2012 03:42:11 -0500 Received: from rho.meyering.net (localhost.localdomain [127.0.0.1]) by rho.meyering.net (Acme Bit-Twister) with ESMTP id BA379600FB; Tue, 6 Mar 2012 09:41:15 +0100 (CET) From: Jim Meyering In-Reply-To: <4F55BC40.2030506@cs.ucla.edu> (Paul Eggert's message of "Mon, 05 Mar 2012 23:26:56 -0800") References: <4D9442D4.6040409@computersalat.de> <1469582.iCF4gxA84d@linuix> <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> <2348432.5dMx3pRzdk@linuix> <4F55BC40.2030506@cs.ucla.edu> Date: Tue, 06 Mar 2012 09:41:15 +0100 Message-ID: <87pqcq2kb8.fsf@rho.meyering.net> Lines: 37 MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) Paul Eggert wrote: > On 03/05/2012 02:27 PM, Bruno Haible wrote: > >> Then how about using "==" or ":=" to designate the assignment? > > That's too fancy. Plain '=' would be better. > > We can also support notations like '+700' and '-77' to > OR-in or AND-out arbitrary masks. This would be > a clear and straightforward extension to the > existing symbolic modes. > > Something like the attached patches for gnulib and > coreutils, perhaps? If this looks OK > I'll add test cases. I like it. Thanks! I noted one typo: ... > diff --git a/doc/perm.texi b/doc/perm.texi ... > +@node Operator Numeric Modes > +@section Operator Numeric Modes > + > +An operator numeric mode is a numeric mode that is prefixed by a > +@samp{-}, @samp{+}, or @samp{=} operator, which has the same > +interpretation as in symbolic modes. For example, @samp{+440} enables > +read permission for the file's owner and group, @samp{-1} disables > +execute permission for other users, and @samp{=600} clears all > +permissions that it enables read-write permissions for the file's s/that/then/ > +owner. Operator numeric modes can be combined with symbolic modes by > +separating them with a comma; for example, @samp{=0,u+r} clears all > +permissions except for enabling read permission for the file's owner. From unknown Sun Jun 22 22:45:54 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Christian Subject: bug#8391: closed (Re: bug#8391: chmod setuid & setguid bits) Message-ID: References: <4F59738F.7030205@cs.ucla.edu> <4D9442D4.6040409@computersalat.de> X-Gnu-PR-Message: they-closed 8391 X-Gnu-PR-Package: coreutils Reply-To: 8391@debbugs.gnu.org Date: Fri, 09 Mar 2012 03:07:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1331262422-18615-1" This is a multi-part message in MIME format... ------------=_1331262422-18615-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #8391: chmod setuid & setguid bits which was filed against the coreutils package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 8391@debbugs.gnu.org. --=20 8391: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D8391 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1331262422-18615-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 8391-done) by debbugs.gnu.org; 9 Mar 2012 03:06:51 +0000 Received: from localhost ([127.0.0.1]:39720 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S5qAL-0004ps-VV for submit@debbugs.gnu.org; Thu, 08 Mar 2012 22:06:51 -0500 Received: from smtp.cs.ucla.edu ([131.179.128.62]:35856) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1S5qAG-0004ph-Af for 8391-done@debbugs.gnu.org; Thu, 08 Mar 2012 22:06:48 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 448E339E800E; Thu, 8 Mar 2012 19:05:50 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hjYy87l5DwOM; Thu, 8 Mar 2012 19:05:48 -0800 (PST) Received: from [192.168.1.10] (pool-71-189-109-235.lsanca.fios.verizon.net [71.189.109.235]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 988C039E800B; Thu, 8 Mar 2012 19:05:48 -0800 (PST) Message-ID: <4F59738F.7030205@cs.ucla.edu> Date: Thu, 08 Mar 2012 19:05:51 -0800 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: Jim Meyering Subject: Re: bug#8391: chmod setuid & setguid bits References: <4D9442D4.6040409@computersalat.de> <1469582.iCF4gxA84d@linuix> <1330983335.28107.23.camel@dhcp-24-196.brq.redhat.com> <2348432.5dMx3pRzdk@linuix> <4F55BC40.2030506@cs.ucla.edu> <87pqcq2kb8.fsf@rho.meyering.net> In-Reply-To: <87pqcq2kb8.fsf@rho.meyering.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 (-) X-Debbugs-Envelope-To: 8391-done Cc: chris@computersalat.de, bug-gnulib@gnu.org, Bruno Haible , 8391-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -1.9 (-) On 03/06/2012 12:41 AM, Jim Meyering wrote: > I like it. Thanks! > I noted one typo: OK, thanks, I fixed that, improved the documentation a bit more, added a test case, and pushed the following into coreutils master on savannah: >From 46d91221a03dae7cfa9dd21aa36e4c2f121a0cc6 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Thu, 8 Mar 2012 18:47:44 -0800 Subject: [PATCH 1/2] build: update gnulib submodule to latest --- gnulib | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/gnulib b/gnulib index de009b6..4730c3e 160000 --- a/gnulib +++ b/gnulib @@ -1 +1 @@ -Subproject commit de009b65198c00dbe0ecd796ce75d5d9f5346103 +Subproject commit 4730c3e3692b344effb72d46b3ff92db0bdb797a -- 1.7.6.5 >From e34d96759e99c78e2c26da12e44c4548356518e1 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Thu, 8 Mar 2012 19:00:27 -0800 Subject: [PATCH 2/2] chmod: add notations +40, 00440, etc. * NEWS: Document this. * doc/perm.texi (Operator Numeric Modes): New section. (Numeric Modes, Directory Setuid and Setgid): Document new behavior. * src/chmod.c (usage): Document new behavior. (main): Support new options -0, -1, etc. * tests/chmod/setgid: Test these new features. --- NEWS | 15 +++++++++++++ doc/perm.texi | 56 ++++++++++++++++++++++++++++++++++++++++++--------- src/chmod.c | 7 ++++- tests/chmod/setgid | 24 ++++++++++++++++++--- 4 files changed, 86 insertions(+), 16 deletions(-) diff --git a/NEWS b/NEWS index 3224b30..38fd4fb 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,21 @@ GNU coreutils NEWS -*- outline -*- ** New features + As a GNU extension, 'chmod', 'mkdir', and 'install' now accept operators + '-', '+', '=' followed by octal modes; for example, 'chmod +40 FOO' enables + and 'chmod -40 FOO' disables FOO's group-read permissions. Operator + numeric modes can be combined with symbolic modes by separating them with + commas; for example, =0,u+r clears all permissions except for enabling + user-read permissions. Unlike ordinary numeric modes, operator numeric + modes do not preserve directory setuid and setgid bits; for example, + 'chmod =0 FOO' clears all of FOO's permissions, including setuid and setgid. + + Also, ordinary numeric modes with five or more digits no longer preserve + setuid and setgid bits, so that 'chmod 00755 FOO' now clears FOO's setuid + and setgid bits. This allows scripts to be portable to other systems which + lack the GNU extension mentioned previously, and where ordinary numeric + modes do not preserve directory setuid and setgid bits. + dd now accepts the count_bytes, skip_bytes iflags and the seek_bytes oflag, to more easily allow processing portions of a file. diff --git a/doc/perm.texi b/doc/perm.texi index 84f8500..95de46a 100644 --- a/doc/perm.texi +++ b/doc/perm.texi @@ -17,6 +17,7 @@ symbolic form or as an octal number. * Mode Structure:: Structure of file mode bits. * Symbolic Modes:: Mnemonic representation of file mode bits. * Numeric Modes:: File mode bits as octal numbers. +* Operator Numeric Modes:: ANDing, ORing, and setting modes octally. * Directory Setuid and Setgid:: Set-user-ID and set-group-ID on directories. @end menu @@ -495,13 +496,16 @@ alternative to giving a symbolic mode, you can give an octal (base 8) number that represents the mode. This number is always interpreted in octal; you do not have to add a leading @samp{0}, as you do in C. Mode @samp{0055} is the same as -mode @samp{55}. +mode @samp{55}. (However, modes of five digits or more, such as +@samp{00055}, are sometimes special. @xref{Directory Setuid and Setgid}.) A numeric mode is usually shorter than the corresponding symbolic mode, but it is limited in that normally it cannot take into account the previous file mode bits; it can only set them absolutely. -(As discussed in the next section, the set-user-ID and set-group-ID -bits of directories are an exception to this general limitation.) +The set-user-ID and set-group-ID bits of directories are an exception +to this general limitation; @xref{Directory Setuid and Setgid}. +Also, operator numeric modes can take previous file mode bits into +account; @xref{Operator Numeric Modes}. The permissions granted to the user, to other users in the file's group, @@ -541,6 +545,26 @@ For example, numeric mode @samp{4755} corresponds to symbolic mode @samp{ug=rw,o=r}. Numeric mode @samp{0} corresponds to symbolic mode @samp{a=}. +@node Operator Numeric Modes +@section Operator Numeric Modes + +An operator numeric mode is a numeric mode that is prefixed by a +@samp{-}, @samp{+}, or @samp{=} operator, which has the same +interpretation as in symbolic modes. For example, @samp{+440} enables +read permission for the file's owner and group, @samp{-1} disables +execute permission for other users, and @samp{=600} clears all +permissions except for enabling read-write permissions for the file's +owner. Operator numeric modes can be combined with symbolic modes by +separating them with a comma; for example, @samp{=0,u+r} clears all +permissions except for enabling read permission for the file's owner. + +The commands @samp{chmod =755 @var{dir}} and @samp{chmod 755 +@var{dir}} differ in that the former clears the directory @var{dir}'s +setuid and setgid bits, whereas the latter preserves them. +@xref{Directory Setuid and Setgid}. + +Operator numeric modes are a @acronym{GNU} extension. + @node Directory Setuid and Setgid @section Directories and the Set-User-ID and Set-Group-ID Bits @@ -559,8 +583,10 @@ bits of directories. If commands like @command{chmod} and mechanisms would be less convenient and it would be harder to share files. Therefore, a command like @command{chmod} does not affect the set-user-ID or set-group-ID bits of a directory unless the user -specifically mentions them in a symbolic mode, or sets them in -a numeric mode. For example, on systems that support +specifically mentions them in a symbolic mode, or uses an operator +numeric mode such as @samp{=755}, or sets them in a numeric mode, or +clears them in a numeric mode that has five or more octal digits. +For example, on systems that support set-group-ID inheritance: @example @@ -582,22 +608,32 @@ explicitly in the symbolic or numeric modes, e.g.: @example # These commands try to set the set-user-ID # and set-group-ID bits of the subdirectories. -mkdir G H +mkdir G chmod 6755 G -chmod u=rwx,go=rx,a+s H -mkdir -m 6755 I +chmod +6000 G +chmod u=rwx,go=rx,a+s G +mkdir -m 6755 H +mkdir -m +6000 I mkdir -m u=rwx,go=rx,a+s J @end example If you want to try to clear these bits, you must mention them -explicitly in a symbolic mode, e.g.: +explicitly in a symbolic mode, or use an operator numeric mode, or +specify a numeric mode with five or more octal digits, e.g.: @example -# This command tries to clear the set-user-ID +# These commands try to clear the set-user-ID # and set-group-ID bits of the directory D. chmod a-s D +chmod -6000 D +chmod =755 D +chmod 00755 D @end example This behavior is a @acronym{GNU} extension. Portable scripts should not rely on requests to set or clear these bits on directories, as @acronym{POSIX} allows implementations to ignore these requests. +The @acronym{GNU} behavior with numeric modes of four or fewer digits +is intended for scripts portable to systems that preserve these bits; +the behavior with numeric modes of five or more digits is for scripts +portable to systems that do not preserve the bits. diff --git a/src/chmod.c b/src/chmod.c index a134e3f..aa4ac77 100644 --- a/src/chmod.c +++ b/src/chmod.c @@ -398,7 +398,7 @@ With --reference, change the mode of each FILE to that of RFILE.\n\ fputs (VERSION_OPTION_DESCRIPTION, stdout); fputs (_("\ \n\ -Each MODE is of the form '[ugoa]*([-+=]([rwxXst]*|[ugo]))+'.\n\ +Each MODE is of the form '[ugoa]*([-+=]([rwxXst]*|[ugo]))+|[-+=][0-7]+'.\n\ "), stdout); emit_ancillary_info (); } @@ -430,7 +430,8 @@ main (int argc, char **argv) recurse = force_silent = diagnose_surprises = false; while ((c = getopt_long (argc, argv, - "Rcfvr::w::x::X::s::t::u::g::o::a::,::+::=::", + ("Rcfvr::w::x::X::s::t::u::g::o::a::,::+::=::" + "0::1::2::3::4::5::6::7::"), long_options, NULL)) != -1) { @@ -449,6 +450,8 @@ main (int argc, char **argv) case ',': case '+': case '=': + case '0': case '1': case '2': case '3': + case '4': case '5': case '6': case '7': /* Support nonportable uses like "chmod -w", but diagnose surprises due to umask confusion. Even though "--", "--r", etc., are valid modes, there is no "case '-'" here since diff --git a/tests/chmod/setgid b/tests/chmod/setgid index eaa9351..081c36e 100755 --- a/tests/chmod/setgid +++ b/tests/chmod/setgid @@ -1,6 +1,7 @@ #!/bin/sh # Make sure GNU chmod works the same way as those of Solaris, HPUX, AIX -# wrt directories with the setgid bit set. +# on directories with the setgid bit set. Also, check that the GNU octal +# notations work. # Copyright (C) 2001-2012 Free Software Foundation, Inc. @@ -21,7 +22,7 @@ print_ver_ chmod umask 0 -mkdir d || framework_failure_ +mkdir -m 755 d || framework_failure_ chmod g+s d 2> /dev/null && env -- test -g d || { @@ -40,9 +41,24 @@ chmod g+s d 2> /dev/null && env -- test -g d || env -- test -g d || skip_ 'cannot create setgid directories' +for mode in \ + + - g-s 00755 000755 =755 -2000 -7022 755 0755 \ + +2000 -5022 =7777,-5022 +do + chmod $mode d || fail=1 -chmod 755 d + case $mode in + g-s | 00*755 | =755 | -2000 | -7022) + expected_mode=drwxr-xr-x ;; + *) expected_mode=drwxr-sr-x ;; + esac + ls_output=`ls -ld d` + case $ls_output in + $expected_mode*) ;; + *) fail=1 ;; + esac -case `ls -ld d` in drwxr-sr-x*);; *) fail=1;; esac + chmod =2755 d || fail=1 +done Exit $fail -- 1.7.6.5 ------------=_1331262422-18615-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 31 Mar 2011 16:47:31 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5L1t-0005UM-Ml for submit@debbugs.gnu.org; Thu, 31 Mar 2011 12:47:30 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5Dkj-0002iF-Hu for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5Dkd-0008Fa-68 for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:12 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([199.232.76.165]:55406) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5Dkb-0008E3-CK for submit@debbugs.gnu.org; Thu, 31 Mar 2011 05:01:11 -0400 Received: from [140.186.70.92] (port=48642 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5DkQ-0006yz-2g for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:01:01 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5DkL-000890-VA for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:00:54 -0400 Received: from mx2.wwserver.net ([83.151.26.69]:43654) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5DkL-00088R-Ky for bug-coreutils@gnu.org; Thu, 31 Mar 2011 05:00:53 -0400 Received: from localhost (localhost [127.0.0.1]) by mx2.wwserver.net (Postfix) with ESMTP id 58D901902 for ; Thu, 31 Mar 2011 11:00:51 +0200 (CEST) X-Virus-Scanned: amavisd-new at wwserver.net Received: from mx2.wwserver.net ([127.0.0.1]) by localhost (mx2.wwserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PwVsmxQi12KP for ; Thu, 31 Mar 2011 09:00:47 +0000 (UTC) Received: from lape.de.scorpio-it.net (lape.de.scorpio-it.net [192.168.101.121]) by mx2.wwserver.net (Postfix) with ESMTP id 821259BB for ; Thu, 31 Mar 2011 11:00:47 +0200 (CEST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lape.de.scorpio-it.net (Postfix) with ESMTP id 63E0A942 for ; Thu, 31 Mar 2011 11:01:08 +0200 (CEST) Message-ID: <4D9442D4.6040409@computersalat.de> Date: Thu, 31 Mar 2011 11:01:08 +0200 From: Christian User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.14) Gecko/20110221 SUSE/3.1.8 Thunderbird/3.1.8 MIME-Version: 1.0 To: bug-coreutils@gnu.org Subject: chmod setuid & setguid bits Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 199.232.76.165 X-Spam-Score: -6.6 (------) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Thu, 31 Mar 2011 12:47:28 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -6.6 (------) Why can I only use symbolic modes for clearing ? ----snip chmod(1) --- and you can set (but not clear) the bits with a numeric mode. ----snip chmod(1) --- isn't "chmod 0755 DIR" explicit enough ? Cheer --=20 Christian --------------------------------------------------- Der ultimative shop f=C3=BCr Sportbekleidung und Zubeh=C3=B6r http://www.sc24.de --------------------------------------------------- ------------=_1331262422-18615-1--