No, we _want_ the suid and sgid bits reverted by chown, for security reasons.

They mean something different when the user they're switching to is different,
so if you still want suid you reset it afterwards.  This is a safety feature.
This commit is contained in:
Rob Landley 2006-01-06 18:22:05 +00:00
parent c00411a16a
commit f8ec1b51f3

View File

@ -4,20 +4,7 @@
*
* Copyright (C) 1999-2004 by Erik Andersen <andersen@codepoet.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
*/
/* BB_AUDIT SUSv3 defects - unsupported options -h, -H, -L, and -P. */
@ -30,11 +17,6 @@
#include <string.h>
#include "busybox.h"
/* Don't use lchown for glibc older then 2.1.x */
#if (__GLIBC__ <= 2) && (__GLIBC_MINOR__ < 1)
#define lchown chown
#endif
static long uid;
static long gid;
@ -42,12 +24,13 @@ static int (*chown_func)(const char *, uid_t, gid_t) = chown;
static int fileAction(const char *fileName, struct stat *statbuf, void* junk)
{
if (chown_func(fileName, uid, (gid == -1) ? statbuf->st_gid : gid) == 0) {
chmod(fileName, statbuf->st_mode);
return (TRUE);
if (!chown_func(fileName,
(uid == -1) ? statbuf->st_uid : uid,
(gid == -1) ? statbuf->st_gid : gid)) {
return TRUE;
}
bb_perror_msg("%s", fileName); /* Avoid multibyte problems. */
return (FALSE);
bb_perror_msg("%s", fileName); /* A filename could have % in it... */
return FALSE;
}
#define FLAG_R 1