Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 22 Jan 2020 09:15:57 -0500
From: Rich Felker <dalias@...c.org>
To: bug-coreutils@....org
Cc: musl@...ts.openwall.com
Subject: coreutils cp mishandles error return from lchmod

cp (and perhaps other utilities) are treating EOPNOTSUPP from lchmod
as a hard error rather than an indication that the system does not
support modes for symlinks. This recently came up on
https://bugs.gentoo.org/687236#c17 where users are claiming recent
changes to gnulib made the problem go away, but I'm not sure what the
mechanism was, since the underlying problem is still there. Users only
hit the problem on cross-compiling, presumably due to logic in how
gnulib replaces lchmod, and due to gnulib's replacement wrongly
following symlinks (it just #defines it to chmod). gnulib documents
that the caller must check before calling lchmod that the file is not
a symlink, but this is unsafe in the presence of race conditions,

While lchmod is not a standard function, fchmodat with
AT_SYMLINK_NOFOLLOW is, and specifies EOPNOTSUPP for the case where
the system does not support modes on symlinks. musl provides lchmod as
a simple wrapper for this, yielding a version that is safe.

coreutils should be opting to use the system-provided lchmod, which is
safe, and correctly handling error returns (silently treating
EOPNOTSUPP as success) rather than as hard errors.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.