Hi, On Thu, Mar 31, 2011 at 11:54:26AM -0700, Paul Eggert wrote: > On 03/31/2011 11:25 AM, Christian wrote: > > and using "0755" is explicit enough, isn't it ? > > Unfortunately it's not that simple, as having 0755 mean > something different from 755 would violate the principle > of least surprise.
I am very surprised that explicitly specifying 0 for SUID, SGID, sticky is silently ignored. > Please see the thread starting at > <http://lists.gnu.org/archive/html/bug-coreutils/2006-07/msg00124.html>. Quoting from that message: > set-user-ID and set-group-ID bits instead of clearing them. If > you want to clear the bits you can mention them explicitly, e.g., > `chmod 0755 DIR' and `chmod a-s,u=rwx,go=rx DIR'. ^^^^^^^^^^^^^^ How could one be more explicit? Paul Eggert seemed to agree: <http://lists.gnu.org/archive/html/bug-coreutils/2006-07/msg00125.html> > However, I would argue that this is more confusing than > what we've got right now, since "chmod 0755 DIR" clearly requests to > clear the setgid bit. Jim Meyering disagreed: <http://lists.gnu.org/archive/html/bug-coreutils/2006-07/msg00128.html> > Treating that leading '0' as significant violates the principle of > least surprise. Not to say that everyone who uses chmod(1) even knows > what an octal number is, but enough of us are used to that leading zero > being insignificant that I think it should remain negligible. > [...] > To me, it's not a clear request to clear the setgid bit. Eric Blake suggested a weird looking (to me anyway ;) solution: <http://lists.gnu.org/archive/html/bug-coreutils/2006-07/msg00130.html> > Should we document "chmod 00500 dir" as an explicit way to clear the > bit, or just require a textual mode string? Furthermore, it was found that vendor's implementations of chmod surprise in different ways. I'd suggest adding a warning if chmod (and possibly other utils) encounter an octal mode number with leading 0, as that might mean 'octal' or 'zero'. I'd definitely prefer interpreting the leading 0 as a zero for the SUID/SGID/sticky bits, but coreutil's viewpoint obviuosly differs... Regards, Erik -- If you don't know what you are doing, advance designs will not help. -- Eric Allman
