Paul Eggert wrote:
> Lasse Collin <[EMAIL PROTECTED]> writes:
> > From a practical point of view, the original owner always had all
> > permission to access the original file.
>
> True in the usual case, but is that true even with ACLs? That's not
> clear to me. The ACL rules can get pretty hairy. But I digress....

To my understanding, this is true with the so-called POSIX ACLs supported by at least Linux and FreeBSD. The POSIX ACL specification was abandoned, so this type of ACL is not officially standardized. NFSv4 ACLs are more complex. I don't know if the above case is true with NFSv4 ACLs.

> > I wonder how many programs copy permission bits as is. For example,
> > "cp foo bar" copies permission bits but masks them with umask.
>
> That's the most common pattern. Less common is "cp -p" style.

I noticed that "cp -p" doesn't copy GID if it cannot copy UID. The same applies to unpatched gzip. That's because fchown() fails and does nothing if it cannot set both UID and GID. I think it could be a good idea to either retry with UID = -1 if fchown() fails, or simply set UID and GID with separate fchown() calls. I understood that this change will be made to GNU coreutils too.

> > The programs that need to copy the owner, group and permissions,
> > would need some extra code to copy ACLs and EAs.
>
> Yes. This stuff isn't standardized though. Maybe when it's better
> supported we can add it to gzip.

Some userspace software like GNU coreutils supports the so-called POSIX ACLs already.

-- 
Lasse Collin | IRC: Larhzu @ IRCnet & Freenode
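
The fchown() retry discussed in the message above, as an added C example that is not part of the original message and is not gzip's or coreutils' code. The names `safe_mode`, `copy_owner_mode` and `KEPT_*` are hypothetical, and the rule of withholding setuid/setgid and group bits when the matching ID was not preserved is a conservative policy assumed for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum { KEPT_UID = 1, KEPT_GID = 2 };   /* hypothetical names for this example */
/* Policy assumed for this example: a special bit or the group rwx bits are
 * applied only if the ID they refer to was actually carried over. */
mode_t safe_mode(mode_t mode, int kept)
{
    mode_t m = mode & (S_IRWXU | S_IRWXO);
    if (kept & KEPT_UID)
        m |= mode & S_ISUID;
    if (kept & KEPT_GID)
        m |= mode & (S_ISGID | S_IRWXG);
    return m;
}

int copy_owner_mode(int dst_fd, const struct stat *src)  /* KEPT_* mask or -1 */
{
    struct stat now;
    /* fchown() is all-or-nothing: if the UID is refused the GID is not set
     * either, so retry with UID = -1 ("leave unchanged"). */
    if (fchown(dst_fd, src->st_uid, src->st_gid) != 0 &&
        fchown(dst_fd, (uid_t)-1, src->st_gid) != 0) {
        /* Neither call worked; dst keeps the IDs it was created with. */
    }
    if (fstat(dst_fd, &now) != 0)
        return -1;
    int kept = (now.st_uid == src->st_uid ? KEPT_UID : 0) |
               (now.st_gid == src->st_gid ? KEPT_GID : 0);
    /* chmod after chown: a successful chown may clear setuid/setgid. */
    if (fchmod(dst_fd, safe_mode(src->st_mode, kept)) != 0)
        return -1;
    return kept;
}

int main(void)
{
    char tmpl[] = "/tmp/ownerXXXXXX";   /* constructed demo target */
    struct stat src;
    int fd = mkstemp(tmpl);
    if (fd < 0) return 1;
    int kept = stat("/etc/passwd", &src) == 0 ? copy_owner_mode(fd, &src) : -1;
    printf("kept=%d (1=uid, 2=gid, 3=both)\n", kept);
    unlink(tmpl);
    return kept < 0;
}
```

Reading the IDs back with fstat() instead of trusting the return codes also covers the case where the destination already had the right owner or group.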
