Launchpad has imported 2 comments from the remote bug at https://bugzilla.gnome.org/show_bug.cgi?id=790672.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2017-11-21T16:20:02+00:00 D-farhi wrote: Created attachment 364129 Video of Fileroller changing perms Hello, Ubuntu Security referred me to file a bug here. When dragging and dropping a file into a .tar.gz file that has permissions 600 set to it, in the background, a new archive is created with different permissions than the original artifact. Example: user@gnu:~/Documents/test$ ls -l total 11380 -rwxr-xr-x 1 dolev dolev 901 Nov 19 00:28 index.html -rw------- 1 dolev dolev 11629401 Nov 19 00:39 test.tar.gz when I drag an drop index.html into test.tar.gz, the following happens 1) a new .tar.gz file (vliv8kxjt2J6BRwz.test.tar.gz) is created while the file is being copied 2) when it's done, the original file gets deleted (test.tar.gz). 3) 'vliv8kxjt2J6BRwz.test.tar.gz' then gets renamed to the original filename 'test.tar.gz', while not preserving the original permissions. I'm guessing it takes umask. while file was being created: -rw------- 1 user user 901 Nov 19 00:28 index.html -rw------- 1 user user 11629401 Nov 19 00:44 test.tar.gz -rw-rw-r-- 1 user user 10137600 Nov 19 00:47 vliv8kxjt2J6BRwz.test.tar.gz total 11380 after it's done, notice the permissions changed from 600 to 664: -rw------- 1 user user 901 Nov 19 00:28 index.html -rw-rw-r-- 1 user user 11629406 Nov 19 00:47 test.tar.gz total 11380 Since the user is simply dragging and dropping a file, it's not obvious that the file now has different permissions. also, in shared environments, read permissions to others allows decompressing the archive. attached is a video for your convenience. Reply at: https://bugs.launchpad.net/ubuntu/+source/file- roller/+bug/1780380/comments/0 ------------------------------------------------------------------------ On 2020-11-11T19:13:31+00:00 Andre Klapper wrote: bugzilla.gnome.org is being replaced by gitlab.gnome.org. We are closing all old bug reports and feature requests in GNOME Bugzilla which have not seen updates for a long time. If you still use file-roller and if you still see this bug / want this feature in a currently supported version of GNOME (currently that would be 3.38), then please feel free to report it at https://gitlab.gnome.org/GNOME/file-roller/-/issues/ Thank you for creating this report and we are sorry it could not be implemented (volunteer workforce and time is limited). Reply at: https://bugs.launchpad.net/ubuntu/+source/file- roller/+bug/1780380/comments/3 ** Changed in: file-roller Status: Unknown => Expired ** Changed in: file-roller Importance: Unknown => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1780380 Title: modifying an existing archive changes original permissions To manage notifications about this bug go to: https://bugs.launchpad.net/file-roller/+bug/1780380/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
