GNU bug report logs - #8391
chmod setuid & setguid bits


Package: coreutils;

Reported by: Christian <chris <at> computersalat.de>

Date: Thu, 31 Mar 2011 16:48:04 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.



Message #50 received at 8391 <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: ovasik <at> redhat.com
Cc: chris <at> computersalat.de, Eric Blake <eblake <at> redhat.com>,
	8391 <at> debbugs.gnu.org
Subject: Re: bug#8391: chmod setuid & setguid bits
Date: Fri, 24 Feb 2012 08:01:30 -0800

On 02/24/2012 04:53 AM, Ondrej Vasik wrote:
> +@command{chmod} by default keeps the set-user-ID and set-group-ID bits
> +of @var{mode} of a directory when the mode is specified as an octal digit,
> +unless the mode length is 5 digits with leading double zero.
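
Review bot: The exception "unless the mode length is 5 digits with leading double zero" in the added sentence ties the behavior to one exact digit count and leaves unstated what a longer zero-padded mode or an all-zero mode does. State the rule for every length of octal string, or say explicitly that only the 5-digit form is special. Also, "specified as an octal digit" should read "octal number", since a mode is several digits.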

Wait a minute: 00755 works, but 000775 doesn't?  Isn't that odd?
Also, what about modes like 0000?  They have two leading zeros --
shouldn't they clear the setuid bits too?

The more I think about it, the more-confusing the double-leading-zero
notation seems.  How about using a more-obvious notation instead?
Say, a leading "="?  For example, "=755" would mean "exactly 755"
and would clear the setuid bit.  mode_compile could implement this.

Regardless, documentation about this notation should be in the
section "Directories and the Set-User-ID and Set-Group-ID Bits";
that's where it belongs.

+        mode_adjust (old_mode, (S_ISDIR (old_mode) != 0) && keepdirbits,
+                     0, change, NULL);
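
Review bot: The second argument, "(S_ISDIR (old_mode) != 0) && keepdirbits", merges two separate facts into one value, so the callee cannot tell a non-directory from a directory for which keepdirbits is false. Pass the directory test unchanged and carry keepdirbits separately (an extra parameter or a flags value), and add a comment at the call saying what keepdirbits controls.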

This change depends on internal details of mode_adjust, and doesn't
feel right.  The second argument of mode_adjust means that the argument
is a directory, and is also used to interpret modes like +X.
The code above will work, but it's not clean.  It'd be better
to make the second argument of mode_adjust an int 'flags' argument,
with two flags, one flag saying that it's a directory and one flag saying
whether it should ignore requests to clear UID and GID bits.

Or better yet, leave the call to mode_adjust alone, and have mode_compile
figure this stuff out.




This bug report was last modified 13 years and 80 days ago.
