This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: rebase db perms seem too restrictive


On Nov 17 14:14, Shaddy Baddah wrote:
> Hi,
> 
> I expect that there wasn't any explicit reasoning behind this, but
> rebase creates a db with permissions that are too restrictive. To me
> anyway, as I cannot see any danger in the db being readable by all.
> 
> This snippet describes it:
> 
> <snip>
> $ whoami
> sbaddah
> $ od -c /etc/rebase.db.x86_64
> od: /etc/rebase.db.x86_64: Permission denied
> $ ls -l /etc/rebase.db.x86_64
> -rw-rw---- 1 portapps None 86020 Nov 11 15:34 /etc/rebase.db.x86_64
> </snip>
> 
> I've attached an untested patch that would allow at least world readable
> perms. It would be appreciated if it was applied :-)
> 
> -- 
> Regards,
> Shaddy

> diff --git a/rebase.c b/rebase.c
> index 9504a48..a078e1d 100644
> --- a/rebase.c
> +++ b/rebase.c
> @@ -288,7 +288,7 @@ mkstemp (char *name)
>  {
>    return _open (mktemp (name),
>        O_RDWR | O_BINARY | O_CREAT | O_EXCL | O_TRUNC | _O_SHORT_LIVED,
> -      _S_IREAD|_S_IWRITE);
> +      _S_IREAD|_S_IWRITE|S_IRGRP|S_IROTH);
>  }
>  #endif

That won't work.  Check the surroundng #ifdef's.  The mkstemp
replacement function is only called when building rebase for Mingw.  If
it's called on Cygwin, it uses Cygwin's implementation of mkstemp,
which follows the (security) lead of other POSIX systems and creates
the files with 0600 permissions.  After the file got written, the
permissions are changed, see lines 358ff.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpnqD31ZtnZs.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]