Re: [PATCH v4 2/3] git-compat-util: avoid failing dir ownership checks if running privileged

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Carlo Arenas <carenas@xxxxxxxxx> writes:

>> Does Windows provide sudo that leaves the original user in SUDO_UID
>> (I doubt it)?  If not, then "on a platform that provides sudo, it will"
>> would be sufficient.
>
> At least my windows box does not, but dscho's somehow had and so that
> line was added at his request[1] after he wasted so much time trying
> to get this to work and realized the function where SUDO_UID logic
> resides doesn't even exist in a Windows build.

Ahh, of course.  

I forgot that this patch sent into is_path_owned_by_current_uid(),
as a UID as a value of some integer type is not a thing on Windows.
OK, so it does need to be as you wrote to mean "not on Windows, and
with 'sudo' that uses 'SUDO_UID' to record from whom 'root' came".

OK.

>> > + * In the unlikely scenario this happened to you, and that is how you
>> > + * got to this message, we would like to know about it by letting us
>> > + * now with an email to git@xxxxxxxxxxxxxxx indicating which platform,
>> > + * you are running on and which version of sudo you used to see if we
>> > + * can provide you a patch that would prevent this issue in the future.
>>
>> Nice.  What message does the reporter see?
>
> when using `sudo git status` a rejection of access to the directory they own

It may have been obvious to who wrote the above comment, but it was
not, at least to me.

>> > + */
>> > +static inline void extract_id_from_env(const char *env, uid_t *id)
>> > +{
>> > +     const char *real_uid = getenv(env);
>> > +
>> > +     /* discard anything empty to avoid a more complex check below */
>> > +     if (real_uid && *real_uid) {
>> > +             char *endptr = NULL;
>> > +             unsigned long env_id;
>> > +
>> > +             errno = 0;
>> > +             /* silent overflow errors could trigger a bug below */
>>
>> What "bug" are we referring to?
>
> All of them, the ones we decided to ignore because they are irrelevant
> when running as root, and the ones that are documented in the long
> paragraph above.

Likewise.  It did not click "a bug below" referred to "your sudo is
behaving in a way different from what we expected".

Thanks.
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux