From: Teemu Likonen <tlikonen@iki.fi>
To: Michael Albinus <michael.albinus@gmx.de>
Cc: 3712@emacsbugs.donarmstrong.com
Subject: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method
Date: Tue, 30 Jun 2009 16:57:26 +0300 [thread overview]
Message-ID: <871vp1bz95.fsf@iki.fi> (raw)
In-Reply-To: <nqljn9kj32.fsf@alcatel-lucent.de> (Michael Albinus's message of "Tue, 30 Jun 2009 14:21:53 +0200")
On 2009-06-30 14:21 (+0200), Michael Albinus wrote:
> When creating a new file, Tramp uses Emacs' default file modes. You
> can check them with "M-: (default-file-modes)".
>
> If you want to change them, you could apply for example "M-:
> (set-default-file-modes #o0400)". The value is used then for all newly
> created files, also for local ones.
Hmm, I didn't know about those functions, thanks. And I compiled my
Emacs with your recent changes too.
I still don't like the default difference between creating a file as a
normal user or through /su: or /sudo:. Here's again an example starting
from command
umask 0022; emacs -Q
When I create a file without Tramp (C-x C-f ~/test.txt RET) to my home
directory it gets bits 0644. When I create a file through Tramp to
/sudo::/root/test.txt it gets bits 0755 (i.e. with executable bits). In
both cases Emacs's default-file-modes is the same, the untouched default
which is #o755. In fact, all the settings are the same.
I'm not sure where this difference should be fixed but from user's point
of view the Tramp part brings the unexpected end result. It's unexpected
because no other programs create new executable files by default, even
when umask doesn't mask executable bits.
I appreciate your hint about set-default-file-modes, and I'll use it if
necessary, but in my opinion user shouldn't need to run
(set-default-file-modes #o0644)
in her ~/.emacs just because she wants Tramp to behave similarly to her
umask=0022 settings. Instead, the similar behavior should be the
default.
>> And when editing existing files it should obviously respect the bits
>> that the file already has. Currently -- even with this fix -- tramp
>> is adding "x" bits at some point because "backup by rename" moves old
>> version out of the way and new is created with -rwxr-xr-x bits.
>
> As I said already, I cannot reproduce it. However, there seems to be a
> small annoyance in special cases. I've fixed this. Could you, please,
> check, whether it is OK now for you?
I could reproduce it before but it seems that not anymore with your
newest changes. If you want clear steps how to reproduce it I can
inspect the issue more closely.
Anyway, thanks for your work on Tramp and Emacs! :-)
next prev parent reply other threads:[~2009-06-30 13:57 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <878wj9fzlb.fsf@iki.fi>
2009-06-29 15:16 ` bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method Teemu Likonen
2009-06-29 19:10 ` Teemu Likonen
2009-06-29 21:15 ` Michael Albinus
2009-06-29 22:01 ` Teemu Likonen
[not found] ` <mailman.1531.1246313856.2239.bug-gnu-emacs@gnu.org>
2009-06-29 22:31 ` Teemu Likonen
2009-06-30 12:21 ` Michael Albinus
2009-06-30 13:57 ` Teemu Likonen [this message]
2009-06-30 15:34 ` Michael Albinus
2009-06-30 16:40 ` bug#3712: marked as done (23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method) Emacs bug Tracking System
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871vp1bz95.fsf@iki.fi \
--to=tlikonen@iki.fi \
--cc=3712@emacsbugs.donarmstrong.com \
--cc=michael.albinus@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).