[hackers] [sbase] [PATCH v4 2/4] cp: Only call chmod with -p or -a

From: Michael Forney <mforney_AT_mforney.org>
Date: Mon, 3 Jul 2017 14:58:50 -0700

Previously, when the destination file was created with fopen, we needed
to use fchmod to set its permissions.

Now that we pass in the mode to creat, we already get the desired
behavior of creating the file with the same mode as the source file
modified by the user's file creation mask.

This fixes the issue where a directory or special file created with
mkdir/mknod does not end up with the appropriate mode with -p or -a
(since it may have been narrowed by the umask).

This also allows us to clear the SUID and SGID bits from the mode if the
chown fails, as specified by POSIX.

---
 libutil/cp.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/libutil/cp.c b/libutil/cp.c
index 208a073..b6f8b23 100644
--- a/libutil/cp.c
+++ b/libutil/cp.c
_AT_@ -139,9 +139,6 @@ cp(const char *s1, const char *s2, int depth)
 			return 0;
 		}
 
-		/* preserve permissions by default */
-		fchmod(f2, st.st_mode);
-
 		close(f1);
 		close(f2);
 	}
_AT_@ -155,12 +152,16 @@ cp(const char *s1, const char *s2, int depth)
 			cp_status = 1;
 		}
 
-		/* owner */
+		/* owner and mode */
 		if (!S_ISLNK(st.st_mode)) {
 			if (chown(s2, st.st_uid, st.st_gid) < 0) {
 				weprintf("chown %s:", s2);
 				cp_status = 1;
-				return 0;
+				st.st_mode &= ~(S_ISUID | S_ISGID);
+			}
+			if (chmod(s2, st.st_mode) < 0) {
+				weprintf("chmod %s:", s2);
+				cp_status = 1;
 			}
 		} else {
 			if (lchown(s2, st.st_uid, st.st_gid) < 0) {
-- 
2.13.2

Received on Mon Jul 03 2017 - 23:58:50 CEST