Ondřej Vašík wrote: > Ah, I knew I forgot to do something :). Thanks for spotting this. > > Restoring to dest_mode & ~omitted_permissions done in attached patch, > dropped redirections from the test as well. Additionally - I modified > the copy.c patch a bit - failure of mode change now doesn't mean that I > don't try to preserve extended attributes (as it still could pass). > Pádraig is right that it looks like some kind of bug in libattr and > fsetxattr() function, as the descriptor should be writable, anyway this > should workaround it - at least until they'll fix/change it or other way > of solution will be found. > Ok with passing to 7.7, although with such small impact and relatively > low danger, it could maybe included to 7.6 (if more snapshots will be > before real release).
Thanks for the update. However, I'd rather avoid that permission-relaxing code completely. Not only does it appear to constitute a security problem when run by root, but it may also fail, when copying, as non-priveleged, to a file that is writable but owned by someone else.
