[hackers] [sbase] [PATCH v3 4/6] cp: Only call chmod with -p or -a

From: Michael Forney <mforney_AT_mforney.org>
Date: Sun, 1 Jan 2017 17:00:35 -0800

Previously, when the destination file was created with fopen, we needed
to use fchmod to set its permissions.

Now that we pass in the mode to creat, we already get the desired
behavior of creating the file with the same mode as the source file
modified by the user's file creation mask.

This fixes the issue where a directory or special file created with
mkdir/mknod does not end up with the appropriate mode with -p or -a
(since it may have been narrowed by the umask).

This also allows us to clear the SUID and SGID bits from the mode if the
chown fails, as specified by POSIX.

---
 libutil/cp.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/libutil/cp.c b/libutil/cp.c
index c35d03e..e212a48 100644
--- a/libutil/cp.c
+++ b/libutil/cp.c
_AT_@ -134,9 +134,6 @@ cp(const char *s1, const char *s2, int depth)
 			return 0;
 		}
 
-		/* preserve permissions by default */
-		fchmod(f2, st.st_mode);
-
 		close(f1);
 		close(f2);
 	}
_AT_@ -150,12 +147,16 @@ cp(const char *s1, const char *s2, int depth)
 			cp_status = 1;
 		}
 
-		/* owner */
+		/* owner and mode */
 		if (!S_ISLNK(st.st_mode)) {
 			if (chown(s2, st.st_uid, st.st_gid) < 0) {
 				weprintf("chown %s:", s2);
 				cp_status = 1;
-				return 0;
+				st.st_mode &= ~(S_ISUID | S_ISGID);
+			}
+			if (chmod(s2, st.st_mode) < 0) {
+				weprintf("chmod %s:", s2);
+				cp_status = 1;
 			}
 		} else {
 			if (lchown(s2, st.st_uid, st.st_gid) < 0) {
-- 
2.11.0

Received on Mon Jan 02 2017 - 02:00:35 CET