GNU bug report logs - #865
23.0.60; The directory is unsafe today


Package: emacs;

Reported by: "Lennart Borgman (gmail)" <lennart.borgman <at> gmail.com>

Date: Tue, 2 Sep 2008 16:10:05 UTC

Severity: normal

Merged with 3281, 4197, 8787

Found in version 23.3


From: Eli Zaretskii <eliz <at> gnu.org>
To: Stefan Monnier <monnier <at> IRO.UMontreal.CA>, 865 <at> debbugs.gnu.org
Cc: lennart.borgman <at> gmail.com, emacs-pretest-bug <at> gnu.org
Subject: bug#865: 23.0.60; The directory is unsafe today
Date: Wed, 03 Sep 2008 21:57:45 +0300
> From: Stefan Monnier <monnier <at> IRO.UMontreal.CA>
> Date: Wed, 03 Sep 2008 14:05:43 -0400
> Cc: emacs-pretest-bug <at> gnu.org, 865 <at> emacsbugs.donarmstrong.com
> 
> > If you really want to make sure no one else can write you have to set up
> > the access rights for that. On w32 that means you should modify the ACL
> > list. The current code is far from that.
> 
> The current code "does just that" using file-modes.
> Now, of course, depending on how file-modes are mapped to&from ACLs,
> this may DTRT or not.

The problem is not the mapping of ACLs into file modes, the problem is
the opposite mapping.  The current Emacs code assumes Posix semantics,
where a file created like this:

  (letf (((default-file-modes) ?\700)) (make-directory dir t))

will not be accessible by anyone else but the user who created it.
But on Windows, this does not do what it does on Posix, because the
Posix rwx model does not map well into ACLs.  If we want this to work
on platforms that support ACLs (including some varieties of GNU/Linux
systems), we need to use a more sophisticated abstraction.
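
Added example, not part of the original message and not Emacs code: a Python sketch of checking a directory after creating it with mode 0700, instead of assuming the mode gave the privacy it gives under POSIX semantics. The function names and the three result labels are hypothetical; the check reads owner and mode bits only and does not inspect ACL entries.

```python
import os
import stat
import tempfile


def create_private_dir(path):
    """Create PATH with mode 0700, the POSIX idiom discussed in the message."""
    # The umask can only clear bits, so group/other stay empty here.
    os.mkdir(path, 0o700)


def classify_dir(path, platform=os.name):
    """Return 'private', 'exposed' or 'unverifiable' for PATH.

    'unverifiable' means the rwx mode bits cannot be trusted to describe
    who may access the directory, which is the case when the platform
    does not use POSIX permission semantics (for example os.name == 'nt').
    """
    if platform != "posix":
        return "unverifiable"
    st = os.lstat(path)  # lstat: a symlink must not pass as the directory
    if not stat.S_ISDIR(st.st_mode):
        return "exposed"
    if st.st_uid != os.geteuid():
        return "exposed"  # owned by another user
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        return "exposed"  # group or other has some access bit set
    return "private"


if __name__ == "__main__":
    base = tempfile.mkdtemp()  # constructed sample location
    target = os.path.join(base, "server")
    create_private_dir(target)
    print(target, classify_dir(target))
    os.chmod(target, 0o755)
    print(target, classify_dir(target))
    print(target, classify_dir(target, platform="nt"))
```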




This bug report was last modified 7 years and 236 days ago.
