From: Paul Eggert <eggert@cs.ucla.edu>
To: emacs-devel@gnu.org
Cc: Romain Francoise <romain@orebokech.com>
Subject: Re: set-file-extended-attributes and backups
Date: Fri, 21 Dec 2012 08:00:01 -0800 [thread overview]
Message-ID: <50D48781.1050303@cs.ucla.edu> (raw)
In-Reply-To: <83obhntq1m.fsf@gnu.org>
On 12/21/12 06:53, Eli Zaretskii wrote:
> I think this problem is not Windows-specific. So I'm asking here:
> does it make sense to fail backup-buffer and backup-buffer-copy just
> because set-file-extended-attributes fails? I think we should ignore
> such errors
On systems where ACLs can deny access to files, failing to
copy an ACL can mean that the copy has more permissions
than the original, no? Wouldn't that be a security problem?
As I understand it, Windows ACLs can deny access, just as
Posix ACLs can, so this issue is relevant on Windows too.
The recently-added ACL code has some security holes in
this area, doesn't it? It's copying file mode separately
from copying ACLs. Surely the code should just copy ACLs,
as there's a race condition now, where the file is
temporarily exposed between the times the mode and the
ACLs are copied.
next prev parent reply other threads:[~2012-12-21 16:00 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-12-21 14:53 set-file-extended-attributes and backups Eli Zaretskii
2012-12-21 16:00 ` Paul Eggert [this message]
2012-12-21 16:44 ` Eli Zaretskii
2012-12-21 17:48 ` Paul Eggert
2012-12-21 18:08 ` Eli Zaretskii
2012-12-21 18:31 ` Paul Eggert
2012-12-23 16:59 ` Romain Francoise
2012-12-23 17:35 ` Eli Zaretskii
2012-12-24 0:59 ` Stefan Monnier
2012-12-24 3:44 ` Eli Zaretskii
2012-12-24 5:18 ` Stefan Monnier
2012-12-24 8:25 ` Michael Albinus
2012-12-24 16:24 ` Eli Zaretskii
2012-12-21 18:31 ` Romain Francoise
2012-12-22 23:03 ` Fabrice Popineau
2012-12-23 3:54 ` Eli Zaretskii
2012-12-23 17:17 ` Eli Zaretskii
2012-12-22 16:05 ` Stefan Monnier
2012-12-22 17:03 ` Eli Zaretskii
2012-12-23 13:37 ` Stefan Monnier
2012-12-29 17:20 ` Eli Zaretskii
2012-12-29 17:50 ` Eli Zaretskii
2012-12-29 19:12 ` Michael Albinus
2012-12-30 10:59 ` Michael Albinus
2012-12-30 17:21 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50D48781.1050303@cs.ucla.edu \
--to=eggert@cs.ucla.edu \
--cc=emacs-devel@gnu.org \
--cc=romain@orebokech.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).