Another point of concern is that the user might have specifically set
the read-only flag only certain files
to protect them from changes/deletion, but after the patch, git can
delete them with impunity.
But then, a file's permission isn't supposed to matter to unlink() anyways.
Interestingly, Cygwin's packaged unlink command-line utility will
delete read-only files,
so Cygwin's attempt to fake permissions through the read-only flag
when a filesystem is mounted with "noacl"
seems to be inconsistent.
I'll leave this issue up to Cygwin's package maintainer for git.
Regards,
Rei
2011/6/29 Christof Krüger <git@xxxxxxxxxxxxxxxxxxx>:
>> +#undef unlink
>> +int cygwin_unlink(const char *pathname)
>> +{
>> + /* "read-only" files can't be unlinked */
>> + chmod(pathname, 0666);
>> + return unlink(pathname);
>> +}
>
> I've no idea on how cygwin maps file permissions to the underlying
> filesystem, but the above raised my attention. Doesn't chmodding the file
> to 0666 open a small windows where "group" and "other" users have read
> access to the file? This might be unwanted by the user and could be
> exploited by some attacker listening for changes on that file.
> Or am I too paranoid?
>
> Regards,
> Chris
>
>
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html