[Toybox] [PATCH] Correct Setting of uid and gid when extracting CPIO archive

[Rich Felker]

On Sun, Dec 06, 2015 at 04:04:22PM -0600, Rob Landley wrote:
> On 12/02/2015 07:39 AM, Mike Moreton wrote:
> > Hi, I’ve fixed a couple of bugs in cpio.
> 
> Thanks, I applied both patches. Several good fixes here in the "I don't
> know how this ever worked before" category, but:
> 
> 1) git am says it doesn't have a valid email address. (I fixed that up
> to get it to apply.)
> 
> 2) I don't understand this bit:
> 
> -      if (!S_ISREG(mode) && !S_ISLNK(mode) && !getpid()) {
> -        int fd = open(name, O_WRONLY|O_NOFOLLOW);
> +      if (!S_ISREG(mode) && !S_ISLNK(mode) && !geteuid()) {
> +        int fd = open(name, O_RDONLY|O_NOFOLLOW);
> 
> The purpose of the filehandle is to call fchown() on it. Can we change
> ownership through a read only filehandle? (The kernel not only allows
> this now but will continue to allow this in future?)

fchown/fchmod do not care about the access mode of the open file
description. Their behavior depends only on having ownership of (or
otherwise having permission to change) the actual file referenced.
This is a POSIX requirement and will not change; it's simply a
consequence of the text;

	"The fchmod() function shall be equivalent to chmod() except
	that the file whose permissions are changed is specified by
	the file descriptor fildes."

This does not permit it to behave differently based on the access mode
the file was opened with.

Rich

 1449943804.0