
adjust_shared_perm(): leave g+s alone when the group does not matter

Message ID xmqqr0yrhco6.fsf@gitster.g (mailing list archive)
State Accepted
Commit 671bbf7b9da70bad0307d616e7f6717a28300ffc

Commit Message

Junio C Hamano Oct. 28, 2022, 9:16 p.m. UTC
Julien Moutinho reports that in an environment where directory does
not have BSD group semantics and requires g+s (aka FORCE_DIR_SET_GID)
but the system cripples chmod() to forbid g+s, adjust_shared_perm()
fails even when the repository is for private use with perm = 0600.

When we grant extra access based on group membership (i.e. the
directory has either g+r or g+w bit set), which group the directory
and its contents are owned by matters.  But otherwise (e.g. perm is
set to 0600, in Julien's case), flipping g+s bit is not necessary.

Reported-by: Julien Moutinho <julm+git@sourcephile.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 path.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Comments

brian m. carlson Oct. 28, 2022, 9:46 p.m. UTC | #1
On 2022-10-28 at 21:16:09, Junio C Hamano wrote:
> Julien Moutinho reports that in an environment where directory does
> not have BSD group semantics and requires g+s (aka FORCE_DIR_SET_GID)
> but the system cripples chmod() to forbid g+s, adjust_shared_perm()

I would personally use a different verb here because I have the
impression it's offensive, at least when used as a noun.  Perhaps
"limit" or "restrict" might be more neutral, or we could pick another
verb which expresses our displeasure at this design (maybe "impair"?)
but maybe is less likely to be emotionally charged or offend.

> fails even when the repository is for private use with perm = 0600.
> 
> When we grant extra access based on group membership (i.e. the
> directory has either g+r or g+w bit set), which group the directory
> and its contents are owned by matters.  But otherwise (e.g. perm is
> set to 0600, in Julien's case), flipping g+s bit is not necessary.

Except for my comment above, I think the patch here addresses the
proposed issue and looks good, and as usual, is well explained.

Junio C Hamano Oct. 28, 2022, 9:51 p.m. UTC | #2
"brian m. carlson" <sandals@crustytoothpaste.net> writes:

> On 2022-10-28 at 21:16:09, Junio C Hamano wrote:
>> Julien Moutinho reports that in an environment where directory does
>> not have BSD group semantics and requires g+s (aka FORCE_DIR_SET_GID)
>> but the system cripples chmod() to forbid g+s, adjust_shared_perm()
>
> I would personally use a different verb here because I have the
> impression it's offensive, at least when used as a noun.  Perhaps
> "limit" or "restrict" might be more neutral, or we could pick another
> verb which expresses our displeasure at this design (maybe "impair"?)
> but maybe is less likely to be emotionally charged or offend.

castrates? butchers?

tweaks?  That's quite neutral.

brian m. carlson Oct. 28, 2022, 10:21 p.m. UTC | #3
On 2022-10-28 at 21:51:42, Junio C Hamano wrote:
> "brian m. carlson" <sandals@crustytoothpaste.net> writes:
> 
> > On 2022-10-28 at 21:16:09, Junio C Hamano wrote:
> >> Julien Moutinho reports that in an environment where directory does
> >> not have BSD group semantics and requires g+s (aka FORCE_DIR_SET_GID)
> >> but the system cripples chmod() to forbid g+s, adjust_shared_perm()
> >
> > I would personally use a different verb here because I have the
> > impression it's offensive, at least when used as a noun.  Perhaps
> > "limit" or "restrict" might be more neutral, or we could pick another
> > verb which expresses our displeasure at this design (maybe "impair"?)
> > but maybe is less likely to be emotionally charged or offend.
> 
> castrates? butchers?
> 
> tweaks?  That's quite neutral.

I think "butchers" or "tweaks" should be fine.  I might say "modifies"
as well.

Junio C Hamano Oct. 28, 2022, 10:49 p.m. UTC | #4
"brian m. carlson" <sandals@crustytoothpaste.net> writes:

> On 2022-10-28 at 21:51:42, Junio C Hamano wrote:
>> "brian m. carlson" <sandals@crustytoothpaste.net> writes:
>> 
>> > On 2022-10-28 at 21:16:09, Junio C Hamano wrote:
>> >> Julien Moutinho reports that in an environment where directory does
>> >> not have BSD group semantics and requires g+s (aka FORCE_DIR_SET_GID)
>> >> but the system cripples chmod() to forbid g+s, adjust_shared_perm()
>> >
>> > I would personally use a different verb here because I have the
>> > impression it's offensive, at least when used as a noun.  Perhaps
>> > "limit" or "restrict" might be more neutral, or we could pick another
>> > verb which expresses our displeasure at this design (maybe "impair"?)
>> > but maybe is less likely to be emotionally charged or offend.
>> 
>> castrates? butchers?
>> 
>> tweaks?  That's quite neutral.
>
> I think "butchers" or "tweaks" should be fine.  I might say "modifies"
> as well.

I've decided to weaken it a lot by phrasing it like so:

    ... but the system forbids chmod() to touch the g+s bit, ...

Patch

diff --git a/path.c b/path.c
index a3cfcd8a6e..492e17ad12 100644
--- a/path.c
+++ b/path.c
@@ -901,7 +901,13 @@  int adjust_shared_perm(const char *path)
 	if (S_ISDIR(old_mode)) {
 		/* Copy read bits to execute bits */
 		new_mode |= (new_mode & 0444) >> 2;
-		new_mode |= FORCE_DIR_SET_GID;
+
+		/*
+		 * g+s matters only if any extra access is granted
+		 * based on group membership.
+		 */
+		if (FORCE_DIR_SET_GID && (new_mode & 060))
+			new_mode |= FORCE_DIR_SET_GID;
 	}
 
 	if (((old_mode ^ new_mode) & ~S_IFMT) &&
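
Review bot: the mask 060 in the new `if` inside the S_ISDIR branch is unexplained. The comment above it says only that g+s matters when extra access is granted based on group membership, so it should spell out that 060 is the g+r and g+w bits, as the commit message does. The leading `FORCE_DIR_SET_GID &&` does not change the result, because OR-ing in a zero value is already a no-op; either drop it or state in the comment why it is kept. The diffstat shows only path.c changing, so a test asserting that a directory adjusted with perm = 0600 does not gain g+s would keep this behaviour from regressing.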