From: Wolfgang Jenkner
Newsgroups: gmane.emacs.bugs
Subject: bug#13125: Fix permissions bugs with setgid directories etc.
Date: Sun, 09 Dec 2012 17:43:31 +0100
Message-ID: <85a9tnkw8d.fsf@iznogoud.viz>
References: <50C3E5CE.2000307@cs.ucla.edu>
To: Paul Eggert
Cc: 13125@debbugs.gnu.org
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: patch security

On Sun, Dec 09 2012, Paul Eggert wrote:

> In several places Emacs
> assumes that on 4.2BSD hosts, a newly created
> file is given a group ID equal to its parent directory, and that on
> non-4.2BSD hosts the new files are given Emacs's group ID. Although
> this was true long ago, it hasn't been true for many years. Most
> commonly, the old 4.2BSD behavior is now selected by the setgid bit on
> directories.

I understand you are describing here the most common behaviour only for
non-4.2BSD descendants?

I've tested your patch by typing the following in a *shell* buffer.

[[1 ~]]$ uname -rs
FreeBSD 9.1-PRERELEASE
[[2 ~]]$ id
uid=1002(wolfgang) gid=20(staff) groups=20(staff),0(wheel),5(operator)
[[3 ~]]$ ls -ld /tmp
drwxrwxrwt 8 root wheel 512 Dec 9 16:59 /tmp/
[[4 ~]]$ rm -f /tmp/foo && touch $_
[[5 ~]]$ ls -l $_
-rw-r--r-- 1 wolfgang wheel 0 Dec 9 17:01 /tmp/foo
[[6 ~]]$

Then, in the same emacs process, I evaluate

(file-ownership-preserved-p "/tmp/foo")
=> t

which is fine, but

(file-ownership-preserved-p "/tmp/foo" t)
=> nil

is not since /tmp/foo will always be created in the wheel group.

Indeed, in an unpatched emacs, I get the expected

(nth 9 (file-attributes "/tmp/foo"))
=> nil

Now, open(2) on all free BSD descendants invariably, literally and
unconditionally states

     When a new file is created it is given the group of the directory which
     contains it.

So I wonder if the following lightly tested patch (on top of yours)
would give better results in this case (in the absence of races with
other processes).

Wolfgang

=== modified file 'lisp/files.el' --- lisp/files.el 2012-12-09 15:29:12 +0000 +++ lisp/files.el 2012-12-09 16:25:09 +0000 @@ -4039,6 +4039,7 @@ (and (eq system-type 'windows-nt) (= (user-uid) 500) (= (nth 2 attributes) 544))) (or (not group) + (memq system-type '(berkeley-unix darwin)) (= (nth 3 attributes) (group-gid))) (let* ((parent (or (file-name-directory file) ".")) (parent-attributes (file-attributes parent 'integer))) 
@@ -4052,7 +4053,10 @@ ;; inherits that directory's group. On some systems ;; this happens even if the setgid bit is not set. (or (not group) - (= (nth 3 parent-attributes) (group-gid))))))))))) + (= (nth 3 parent-attributes) + (if (memq system-type '(berkeley-unix darwin)) + (nth 3 attributes) + (group-gid)))))))))))) (defun file-name-sans-extension (filename) "Return FILENAME sans final \"extension\".
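
Review bot: In the first hunk (@@ -4039,6 +4039,7 @@), the added `(memq system-type '(berkeley-unix darwin))` clause makes the `(or (not group) ...)` form true for every file on those systems, so `(= (nth 3 attributes) (group-gid))` is never consulted there and the group check rests entirely on the parent-directory comparison changed in the second hunk. Nothing at this spot says so; a short comment stating that on these systems a new file takes its directory's group, which makes the process's group irrelevant, would document the dependency. The same `memq` test is repeated in the second hunk, so a single shared predicate or variable would keep the two conditions from drifting apart.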
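
Review bot: In the second hunk (@@ -4052,7 +4053,10 @@), the comment above the changed form ("inherits that directory's group. On some systems this happens even if the setgid bit is not set.") is left as it was, although the new `if` now compares the parent's group with `(nth 3 attributes)`, the file's current group, on berkeley-unix and darwin, and with `(group-gid)` only elsewhere. Please extend the comment to describe both branches. The comparison also relies on `attributes` and `parent-attributes` being read at separate moments, which the message itself qualifies with "in the absence of races with other processes"; that limitation belongs in the comment or docstring as well, and since the patch is described as lightly tested, a test modelled on the /tmp/foo case from the message would be a reasonable addition.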