From 61ab83d19009a8006dd73ebe16d22494b78be4d1 Mon Sep 17 00:00:00 2001 From: Richard Jones Date: Sat, 17 Apr 2010 13:33:14 +0100 Subject: [PATCH] Improved checking, documentation of modes (RHBZ#582901, RHBZ#582929). chmod: Disallow negative mode, document mode affected by umask. mkdir-mode: Disallow negative mode, document that filesystems may interpret the mode in different ways. mknod: Disallow negative mode, document mode affected by umask. umask: Check the range of umask mask value carefully. --- daemon/dir.c | 5 +++++ daemon/file.c | 5 +++++ daemon/mknod.c | 5 +++++ daemon/umask.c | 5 +++++ src/generator.ml | 28 ++++++++++++++++++++++------ 5 files changed, 42 insertions(+), 6 deletions(-) diff --git a/daemon/dir.c b/daemon/dir.c index 205139b..3a4647c 100644 --- a/daemon/dir.c +++ b/daemon/dir.c @@ -104,6 +104,11 @@ do_mkdir_mode (const char *path, int mode) { int r; + if (mode < 0) { + reply_with_error ("%s: mode is negative", path); + return -1; + } + CHROOT_IN; r = mkdir (path, mode); CHROOT_OUT; diff --git a/daemon/file.c b/daemon/file.c index dbdbbaa..7a0f8f9 100644 --- a/daemon/file.c +++ b/daemon/file.c @@ -198,6 +198,11 @@ do_chmod (int mode, const char *path) { int r; + if (mode < 0) { + reply_with_error ("%s: mode is negative", path); + return -1; + } + CHROOT_IN; r = chmod (path, mode); CHROOT_OUT; diff --git a/daemon/mknod.c b/daemon/mknod.c index 50865a6..2458a85 100644 --- a/daemon/mknod.c +++ b/daemon/mknod.c @@ -51,6 +51,11 @@ do_mknod (int mode, int devmajor, int devminor, const char *path) #ifdef HAVE_MKNOD int r; + if (mode < 0) { + reply_with_error ("%s: mode is negative", path); + return -1; + } + CHROOT_IN; r = mknod (path, mode, makedev (devmajor, devminor)); CHROOT_OUT; diff --git a/daemon/umask.c b/daemon/umask.c index a9ddeab..db4a2f2 100644 --- a/daemon/umask.c +++ b/daemon/umask.c @@ -35,6 +35,11 @@ do_umask (int mask) { int r; + if (mask < 0 || mask > 0777) { + reply_with_error ("0%o: mask negative or out of range", mask); + return -1; + } + r = umask (mask); if (r == -1) { diff --git a/src/generator.ml b/src/generator.ml index 61323a9..8869842 100755 --- a/src/generator.ml +++ b/src/generator.ml @@ -1390,7 +1390,9 @@ numeric modes are supported. I: When using this command from guestfish, C by default would be decimal, unless you prefix it with -C<0> to get octal, ie. use C<0700> not C<700>."); +C<0> to get octal, ie. use C<0700> not C<700>. + +The mode actually set is affected by the umask."); ("chown", (RErr, [Int "owner"; Int "group"; Pathname "path"]), 35, [], [], (* XXX Need stat command to test *) @@ -2985,7 +2987,9 @@ named pipes (FIFOs). The C parameter should be the mode, using the standard constants. C and C are the device major and minor numbers, only used when creating block -and character special devices."); +and character special devices. + +The mode actually set is affected by the umask."); ("mkfifo", (RErr, [Int "mode"; Pathname "path"]), 134, [Optional "mknod"], [InitBasicFS, Always, TestOutputStruct ( @@ -2995,7 +2999,9 @@ and character special devices."); "\ This call creates a FIFO (named pipe) called C with mode C. It is just a convenient wrapper around -C."); +C. + +The mode actually set is affected by the umask."); ("mknod_b", (RErr, [Int "mode"; Int "devmajor"; Int "devminor"; Pathname "path"]), 135, [Optional "mknod"], [InitBasicFS, Always, TestOutputStruct ( @@ -3005,7 +3011,9 @@ C."); "\ This call creates a block device node called C with mode C and device major/minor C and C. -It is just a convenient wrapper around C."); +It is just a convenient wrapper around C. + +The mode actually set is affected by the umask."); ("mknod_c", (RErr, [Int "mode"; Int "devmajor"; Int "devminor"; Pathname "path"]), 136, [Optional "mknod"], [InitBasicFS, Always, TestOutputStruct ( @@ -3015,7 +3023,9 @@ It is just a convenient wrapper around C."); "\ This call creates a char device node called C with mode C and device major/minor C and C. -It is just a convenient wrapper around C."); +It is just a convenient wrapper around C. + +The mode actually set is affected by the umask."); ("umask", (RInt "oldmask", [Int "mask"]), 137, [FishOutput FishOutputOctal], [InitEmpty, Always, TestOutputInt ( @@ -3879,7 +3889,13 @@ C<*secs> field is ignored in this case)."); "create a directory with a particular mode", "\ This command creates a directory, setting the initial permissions -of the directory to C. See also C."); +of the directory to C. + +For common Linux filesystems, the actual mode which is set will +be C. Non-native-Linux filesystems may +interpret the mode in other ways. + +See also C, C"); ("lchown", (RErr, [Int "owner"; Int "group"; Pathname "path"]), 203, [], [], (* XXX *) -- 1.8.3.1