Alex Riesen <raa.lkml@xxxxxxxxx> writes: > At least FreeBSD 4.11p2 does not allow changing SUID/GUID bits to > a non-root user. Sorry, but I do not understand this change. > diff --git a/path.c b/path.c > index af27161..4865e98 100644 > --- a/path.c > +++ b/path.c > @@ -265,6 +265,7 @@ int adjust_shared_perm(const char *path) > return 0; > if (lstat(path, &st) < 0) > return -1; > + st.st_mode &= 07777 & ~(S_ISUID|S_ISGID); > mode = st.st_mode; If the thing is a directory, we say later in the code that we want to see S_ISGID set, like this: ... if (S_ISDIR(mode)) mode |= S_ISGID; if ((mode & st.st_mode) != mode && chmod(path, mode) < 0) return -2; return 0; and then we compare with st.st_mode so that we do not chmod() what's already good Your change means we will always try to chmod all the directories, and your explanation suggests that such a chmod to do g+s on directories would also fail (and your patch does not fix it -- we actively try to make sure directories have g+s set). Side note. the wording in your message, "does not allow changing", is very unclear. Do you mean "non-root cannot do u+s,g+s"? Or do you mean "non-root cannot do u+s,g+s, non-root cannot do u-s,g-s either"? For regular files, I do not think we have any reason to set u+s or g+s ourselves, and we do not try to do so either. As long as the original st.st_mode does not have such bits set, the mode we will pass to chmod for regular would not try to set them. If you already had u+s,g+s when you read st.st_mode that's a different story, but then I do not know why you had such a file to begin with. I do not mind a change to make sure we do u-s,g-s on regular files, but I do not think it is necessary, and I am curious why you had files with such perm bits to begin with. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
