What's up with chown.c doing a chmod?
Shaun Jackman
sjackman at gmail.com
Thu Jan 5 20:57:41 UTC 2006
Hello Rob,
The chmod call seems unnecessary. I just checked the coreutils
implementation of chown, and it does not call chmod at any time. I
found this comment in the source code that suggests a chown can change
permission bits. So perhaps someone was trying to undo that effect,
despite this comment's warning. I'd suggest removing the chmod call. I
don't suppose there's ChangeLog entry or cvs blame entry for the
offending line?
/* On some systems (e.g., Linux-2.4.x),
the chown function resets the `special' permission bits.
Do *not* restore those bits; doing so would open a window in
which a malicious user, M, could subvert a chown command run
by some other user and operating on files in a directory
where M has write access. */
Cheers,
Shaun
2005/12/17, Rob Landley <rob at landley.net>:
> In coreutils/chown.c, why doed fileAction call chmod(fileName,
> statbuf->st_mode); Isn't statbuf what the file _already_ has? Does the file
> need some kind of reassurance? (Attaboy, file!)
>
> I'm confused. Is chmod corrupting the permissions when we didn't ask it to?
> Why is the code doing that?
>
> Rob
> (Off fixing bug 603...)
More information about the busybox
mailing list